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Preface 


Insurance law is multidisciplinary by nature, as it necessarily must interact with other 
disciplines, such as actuarial sciences or finance. However, this multi-disciplinarity 
also concerns the intersection with other branches of law. Most of the insurance 
undertakings are corporations and, as such, they are subject to corporate law rules, 
while insurance law is increasingly taking on a transnational connotation in regulat- 
ing the organisation and activity of insurance companies. The combination of 
company law and insurance-specific rules is at the heart of this investigation. 

This book is a collection of contributions from authors with different legal 
cultures, and it aims to identify the legal issues that arise from the intersection of 
these two disciplines, i.e., insurance law and corporate/company law. The issues 
entailed are examined mainly based on the European Union (EU) law, although there 
are also contributions from other legal systems that enrich the perspective with 
which to approach those issues. 

The book includes two parts. The first part collects six contributions that analyse 
different profiles of the system of governance of insurance undertakings. The 
analysis concerns the regulations introduced by the Directive Solvency II and the 
corporate law of relevant EU jurisdictions. However, one of the chapters contributed 
tackles the issue from the perspective of Singaporean law that aspires to become the 
leading (re)insurance and risk transfer hub in Asia. The second part contains eight 
contributions that examine the intersections between the insurance business and 
corporate law. They include extraordinary corporate operations, supervision, 
reporting, customer relations, and claims handling management, whilst one contri- 
bution focuses on private international law issues. Again, the issues entailed are 
examined mainly based on and from the perspective of the European Union 
(EU) law. Still, the supranational nature of the insurance business also allows the 
experiences of other legal systems to be included in the analysis, since they can 
provide valuable insights to other regulators. 

This book fills a gap in the legal literature that has examined the two branches of 
law, i.e., insurance regulation and corporate law, separately so far. With the objective 
difficulty of examining rules with different levels of transnational harmonisation, the 
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effort made is to provide as much a “unitary” vision as possible of the legal issues 
entailed and herein examined. This effort is made, nonetheless, with the awareness 
that those issues are mainly perceived and managed as such in practice. It is left upon 
the reader to undertake the task of evaluating the efficacy of this effort. The law 
stands as on 27th April 2021. 


Milan, Italy Pierpaolo Marano 
Exeter, UK Kyriaki Noussia 
April 2021 


AIDA Europe 


AIDA Europe was established in 2007 with the aim of promoting, either directly or 
through its members, the development of insurance and related laws. It attempts to 
achieve this, mainly through: 


e furtherance of the study and knowledge of international and national insurance 
law and of related matters; 

e proposition of measures aiming at the harmonization of insurance law or the 
means for resolution of insurance disputes; 

e facilitation of exchange of academic know-how between its members or any other 
European organization dealing with insurance-related matters, similar to those of 
AIDA Europe; 

e support of academic work in the field of insurance, e.g. through cooperation with 
universities or the sponsoring of academic research and papers. 


AIDA Europe organizes conferences mainly geared to the European-based juris- 
dictions, offering to all interested stakeholders a platform for an open- and solution- 
minded scientific- and practice-related dialogue on key developments in the area of 
insurance, reinsurance and related law also supporting its members in their respec- 
tive endeavours. Conferences are open to all stakeholders and regularly attract 
representatives from the insurance sector, academia, private practice, regulatory 
authorities or law-making bodies. 

AIDA Europe also maintains a keen focus on supporting the development of 
young academic talents by sponsoring academic work and by inviting young 
academics to its conferences. AIDA Europe’s Scientific Committee, which supports 
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AIDA Europe through the scientific agenda setting, also manages AIDA Europe’s 
Calls for Papers. 

AIDA Europe is a non-profit organization, pursuing altruistic goals and has its 
seat in Zurich, Switzerland. Its events are open to all interested parties. For further 
information, please see https://aidainsurance.org/regional-groupings/aida-europe. 
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Part I 
The System of Governance of Insurance 
Undertakings 


Corporate Governance and the So-Called @_ 
‘Four-Eyes Principle’ si 


Niccolò Abriani and Armando Catania 


Abstract This chapter aims to analyse the current role played by insurance under- 
takings and their senior managers—with a specific reference to the Italian, French, 
Spanish and British insurance industry, taking into consideration the important 
changes introduced by the Solvency II framework. 

In doing so, the study identifies features of the international regulation of insur- 
ance development based on the recommendations of the International Association of 
Insurance Supervisory (LAIS) and the Directives of the European Union (EU). 

The board delegates the running of the business to the senior managers, expecting 
them to operate on behalf of the company’s interests. 

The literature has identified several problems resulting from this relationship. 

We intend to consider the internal behaviour affected by the board-senior man- 
agers’ relationship, by looking for direct connection between the elements of senior 
managers behaviours’ and the organisational and operational structure of the 
enterprise. 

Inside the theoretical framework and given the existing related literature, our 
work aims to answer the above research question. 

According to our statements, it will be demonstrated that, with specific focus on 
the management sector, there are still wide possibilities for improvement and more 
studies concerning board-senior managers relationship. 


The Authors have shared all ‘significant decisions’ in actual application of the so-called ‘Four-Eyes 
Principle’. Nonetheless, Paragraphs 1, 2 and 4 are attributed to Armando Catania, and Paragraph 
3 to Niccolò Abriani. 


N. Abriani (%4) 
College of Law, University of Firenze, Firenze, Italy 
e-mail: niccolo.abriani @unifi.it 


A. Catania (><) 
Palermo Bar Association, Palermo, Italy 
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4 N. Abriani and A. Catania 
1 The Corporate Governance Structure 


In the Solvency II framework,’ an effective system of governance? is considered 
essential for the proper management of insurance undertakings, as well as for the 
resulting regulatory system.” 

Governance is the system through which the insurance company is internally 
regulated.* It incorporates many aspects of the business of an insurance company, 
such as corporate structure. 

Solvency II identifies an effective system of governance in an adequate 
organisational and operational corporate structure°—aimed at supporting the 


' The Directive 2009/138/ EC (Solvency II) is the regulatory framework for the European insurance 
industry. It has been amended over and over and its entry into force, postponed several times, has 
been set for all Member States on | January 2016. The principles of the Solvency II Directive are 
complemented by a second level sectoral regulation represented by Delegated Regulation 2015/35/ 
EU (as amended by Delegated Regulation 2016/467/EU), as well as technical implementing 
standards issued by the European Commission, both directly applicable at national level. 

At a supranational level, the regulatory framework is completed by the Guidelines, Recommen- 
dations, Opinions issued by the European Insurance and Occupational Pensions Authority (EIOPA) 
aimed at fostering convergence in the application of the Directive and supervisory practices. 


Solvency II identifies some core principles that should characterise an effective system of 
governance. 

These principles include: (i) transparency (to be achieved through a clear division and appro- 
priate separation of responsibilities, as well as through an effective information system); 
(ii) proportionality (with respect to the nature, scope and complexity, of a company’s activities); 
(iii) written policies on risk management, internal control, internal audit and (where relevant) 
outsourcing and business continuity. 

See Dell’ Atti et al. (2018), p. 135. 

On the requirement for all insurance and reinsurance undertakings to have in place an effective 
system of governance, see Manes (2017), p. 115 ff. 

The internal governance implications of Solvency II have been widely debated by Dreher (2015), 
p. 155 ff. 


3 See Siri (2017), p. 12. 

Vella (2014), p. 291, points out that the term ‘governance’ encompasses a plurality of phenom- 
ena, on which regulatory choices may have an impact. 
4A recent research conducted by Anderloni et al. (2019) shows how governance mechanisms can be 
divided into external and internal mechanisms. 

External governance mechanisms are: (i) market mechanisms; (ii) threats of take-overs; (iii) the 
action of external stakeholders other than shareholders; (iv) the market for managerial work. 

The internal governance mechanisms include: (i) the characteristics of the board; (ii) the extent of 
the CEO’s powers; (iii) the presence and characteristics of the internal board committees; (iv) the 
management incentive and remuneration tools; (v) the financial policies. 
>See Dodevska and Nuredini (2019), p. 2. 


®Selleri (2010), p. 608 ff. highlights the fact that insurance undertakings are accustomed to 
alternating between use of a so-called ‘divisional’ or ‘functional’ organisational and operational 
structure. 

The first is characterised by an articulation of the entire activity of the enterprise in business areas 
differentiated by product lines or market spheres, cultivated through Strategic Business Units (S.B. 
U.), which in turn are further broken down into functions or departments. 
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undertaking’s strategic objectives and operations—clearly distributed, transparent 
and equipped with an effective system to ensure the transmission of information 
internally. 

The organisational and operational structure plays a decisive role to guarantee the 
sound and prudent management of the insurance undertaking.’ It is the duty of the 
board of directors? to arrange an appropriate organisational and operational struc- 
ture, to be adapted periodically to the changing conditions on an international, 
national and corporate level. The organisational structure determines the tasks and 
assignments, while the operational structure settles the way of performing the tasks; 
in any case, it is ultimately the administrative, management or supervisory body” that 
has the responsibility for the execution. 

The four key functions (Risk Management, Compliance, Internal Audit and 
Actuarial) must have an appropriate standing in the undertaking’s organisational 
structure, even though it is not required any mandatory organisational structure, as 
the insurers'° have the freedom to decide how to organise any function,'! unless 
otherwise specified by the law.'* 


2 The Board-Senior Managers Relationship 


Corporate governance involves making decisions and taking actions related to the 
corporate culture, environment and structural framework, policies and controls. It is 
not indeed a once-established system, but a continuous process that needs to be 


The second, instead, can be distinguished by the division into several functions (i.e. specialised 
areas of activity), characterised by the homogeneity of the processes carried out. 

The aspect on the basis of which the articulation of the business activity would be determined by 
function both in the ‘divisional’ and ‘functional’ organisational structure is a symptom of a vertical 
division of the same, although, in one case, it takes place at the level of the entire enterprise, while, 
in the other, within each business unit. 
7See Marino and Costa (2015). 

There are a lot of different set of rules at different levels in each European country largely affecting 
the activities, duties and accounting of insurance companies’ directors. 

See furthermore Montalenti (2021), p. 18 ff. 
°The nature and structure of the administrative, management or supervisory body varies with the 
national company law applicable. 

'0Tn this paper, hereinafter, unless stated otherwise, the terms ‘insurance undertakings’ and ‘insurer’ 
are assumed to include both insurance and reinsurance undertakings. 

1 In the context of a system of governance, a ‘function’ is to be understood as an administrative 
capacity to undertake particular tasks, considered important or critical. 

' Article 268 of the Delegated Acts reserves to the autonomy of the insurance undertaking any 
decisions on the organisational position deemed most appropriate to be given to the fundamental 
functions, in compliance with the principle of separation between operational and fundamental 
functions. 
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constantly upgraded.'* This is why an effective corporate governance structure 
requires appropriate standards to recognise, protect and promote the rights, relation- 
ships and interests of the administrative, management and supervisory bodies. 

This chapter aims to explore only the different ways in which the governance of 
insurance undertakings is involved with the board-senior managers relationship. '* 

The day-to-day business of the firm, and so the state of affairs that might lead to 
any key decision the board is asked to make, is largely determined by the work of the 
company’s senior managers. sed 

Senior managers work with various parties in the interest to manage the firm’s 
relationships with the outside world,'® so they have often more intimate knowledge 
of the deals than the board and may have to explain the interactions of the different 
relationships to the board.'” 

When the board is asked to make significant decisions’® that involve mediating 
among various interests, it is supposed to be challenging and reviewing critically the 


'3 See Dodevska and Nuredini (2019), p. 1 ff. 


'*Confirmation that both directors and managers contribute to the composition of corporate 
governance on different, albeit complementary, bases can already be found in the Preamble to the 
G20/OECD - Organization for Economic Cooperation and Development (2015), where it is 
explained that ‘Corporate governance involves a set of relationships between the managers of a 
company, its board of directors, its shareholders and other interested parties’. 

The current version of the OECD Principles is the one approved by the Council of the same 
organisation during the meeting held on July 8, 2015, subsequently implemented by the represen- 
tatives of Governments belonging to the G20, therefore also known as G20/OECD Principles. 


'S See Fama and Jensen (1983), p. 127. 


'©See, in general, Lin (1996), p. 914 ff. 

Anderloni et al. (2019), p. 4, attribute a certain influence of insurance undertakings’ stakeholders 
(such as policy holders, injured third parties, reinsurers, supervisory authorities and shareholders) 
on decisions that modify the level of management risk assumed and the solvency of the institution. 


'’ This seems to be a component common to all the most advanced economies, considering that it is 
also found in North American literature that investigates the specific phenomenon of business 
organisation. 

See Alces (2011), p. 783, which gives evidence of how in the largest multinationals in the world, 
when the board must vote on a particular matter of corporate business, officers and experts selected 
by the officers brief it on the subject. 

The above consideration seems to assume a critical value in the opinion expressed by Henderson 
(2013), p. 28, according to whom while most boards are composed of smart and experienced 
individuals with diverse experience and significant reputations, they are simply outgunned in terms 
of information and incentives relative to the managers they are supposed to control. 


'8 Significant decisions are the ones are unusual or that could have a material impact on the 
undertaking (i.e. decisions that—according to E.I.O.P.A. - European Insurance and Occupational 
Pensions (2015)—could affect the strategy of the undertaking, its business activities or its business 
conduct; or even could have serious legal or regulatory consequences; or even more could have 
major financial effects or major implications for staff or policyholders; or ultimately could poten- 
tially result in repercussions for the undertaking’s reputation). 

The ‘significant decisions’ must be considered as opposed to the ‘day-to-day decisions’ (i.e. the 
spate of usual decisions to be taken at the top level of the undertaking in the running of the business, 
according to the same Guidelines above mentioned). 
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information it needs to fully perform its function by a correct interaction with the 
senior management” and key functions holders (Risk Management, Compliance, 
Internal Audit and Actuarial). 

The board may perform in such effective style if senior managers maintain 
industrial development, business decisions and internal policies consistent with 
company’s strategies and risk appetite. 

The ability of senior managers to perform this role is to a large extent dependent 
upon the flow of information—coming across control functions, among internal 
functions and within the business units—to determine whether, based on each 
individual senior’s manager experience, knowledge and expertise, any strategic 
decision is advisable for such company. 

Consequently, the collection of credible information provides the foundation for 
effective decision making by the board. 

Senior managers serve, therefore, such as a backstop, or a final quality check, 
before a major decision is formalised. 

Thus, a relational environment throughout the company that fosters open com- 
munication between senior managers and the board encourages a critical review of 
the company’s site and scope of operations. 

A relevant mediation function among the board and senior managers is now 
performed by the in-house counsels of the firm, such as a person, who, over time, has 
acquired an increasingly distinctive role, i.e. the Secretary of the Board of Directors. 

The Codice di Corporate Governance (Corporate Governance Code)” of listed 
Italian companies (and the major national insurance companies fall into this cate- 
gory), for instance, assigns to the Secretary of the Board of Directors the task of 
ensuring, together with the Chairman of the Board of Directors, that the preliminary 
information and the information provided during board meetings is suitable to 
empowering the directors to act in an informed manner, also by way of attendance 
at board meetings by the officers of the company (as well as those of the group 
companies it heads) who occupy the role of heads of the various company functions. 

For listed companies, the UK Corporate Governance Code?! provides that the 
board, supported by the company secretary, should ensure that it has the policies, 


' Arg. by Siri (2017), p. 20. 
According to Bailey (2015) on a forward-looking basis a firm’s culture should promote discus- 
sion, debate and honest challenge. 


0 Available at —_https://www. borsaitaliana.it/comitato-corporate-governance/codice/2020.pdf, 
approved by the Comitato per la Corporate Governance di Borsa Italiana (Corporate Governance 
Committee of Borsa Italiana 2020) in January 2020. 

The companies that will adopt the Code will apply it as from the first financial year starting after 
31 December 2020, informing the market in the corporate governance report to be published 
in 2022. 

The compliance with the rules of Solvency II is most likely to be easier for the Italian companies 
who adopt the Italian Corporate Governance Code (as last time updated in January 2020) because of 
the greater familiarity with reporting obligations and other constraint. 

See Venuti et al. (2016), p. 143. 


?1F.R.C. - Financial Reporting Council - (2018a). 
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processes, information, time and resources it needs to function effectively and 
efficiently, and all directors should have access to the advice of the company 
secretary, who is responsible for advising the board on all governance matters.” 

According to the Spanish Código de buen gobierno de las sociedades cotizadas 
(Listed Companies Corporate Governance Code),”* the company’s secretary is the 
one who has the key task of facilitating the efficient functioning of the board through 
a strict control exercised on the performance of the board itself in any matter relating 
to corporate governance. 

An adequate knowledge of the company reality on the part of those who, for 
various reasons, contribute to the organisation of the enterprise structure, is 
nourished through effective professional cooperation between them. 

In the French legal system, Article 2.5 of the Notice ‘Solvabilité II - Système de 
gouvernance’ (Notice ‘Solvency II’ - System of governance)“ encourages cooper- 
ation between members of the top management of insurance undertakings as a means 
of preventing unnecessary overlapping of tasks between them, with a view to 
achieving a balanced distribution, in accordance with the corporate strategy 
pursued.” 


?? Tn Great Britain, under Section 271, Companies Act 2006, each ‘public company’ is required to 
have a ‘secretary’, whereas under Section 270 above, the same obligation does not apply to ‘private 
companies’. 

The Financial Reporting Council (FRC) (2018b) provides a more detailed description of the role 
of the company secretary in his or her support of the board. 

See Kakabadse et al. (2014). 


23 Approved by the Comisión Nacional del Mercado de Valores (National Stock Market Commit- 
tee) in June 2020. 


*4The Code des Assurances (Insurance Code)—the first version of which is based on decree n. 76/ 
667 of 16 July 1976—covers all the laws and regulations that have, among other things, contributed 
to the implementation in France of the requirements of Solvency II, while the regulation of the 
system of corporate governance of insurance undertakings has found its home in the Notice 
‘Solvabilité II - Systeme de gouvernance’ (Notice ‘Solvency IP - System of governance) drawn 
up by ACPR - Autorité de Contrôle Prudentiel et de Résolution - Banque de France (2015). 


The principle of informed action—of which the call for cooperation is a concrete method of 
implementation—seems for the French regulator to become the keystone on which to build the 
functional system of insurance undertakings, structured in a neutral manner by Solvency II. 

The provision contained therein in Article 41, which states ‘Member States shall require all 
insurance and reinsurance undertakings to have in place an effective system of governance which 
provides for sound and prudent management of the business’, seems in the regulatory act to consist 
almost entirely in the duty for top management to act in an informed manner, thus giving the 
impression of abandoning the function of a merely concurrent component of a good system of 
corporate governance, to become a fundamental requirement for the construction of a good system 
of corporate governance. 

Article 2.7 of the Notice 2015 seems to give force to the above impression, where the focus of the 
policies implemented for the creation of a good corporate governance system coincide with the 
processes and procedures envisaged to foster the exchange of information between the members of 
the corporate functions. 

These procedures connote a real obligation if they refer to information to be provided to the 
heads of the risk management, compliance verification, internal control and actuarial functions. 
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Under Solvency II the insurance undertakings must implement the Own Risk Self- 
Assessment (ORSA) and make it an integral part of their business strategy, which 
must be considered on an ongoing basis in the strategic decisions of the 
undertakings.”° 

Through the ORSA process it is expected that senior managers update” the board 
regularly at board and committee meetings in light of the progress of the ORSA and 
of any material findings that may influence the undertaking’s strategy before the 
making of any key decisions.”® 

In this regard, it has to be investigated whether it is possible to infer from 
Solvency II the principle that, prior to the implementation of any significant decision 
concerning the undertaking, at least ‘two persons’ must review such decision 
(so called ‘Four-Eyes Principle’);*° that it must necessarily be referred to directors, 
or that at least one of these ‘two persons’ could be a senior manager.*° 

A very relevant consequence could arise from the first or the latter of these two 
working hypotheses. 

In the first scenario, it will be confirmed that the ownership of any significant 
decision concerning the undertaking rests with the board, as the directors are part of 
it; in the second, it could be demonstrated that, even if it is still true the ownership of 
this particular kind of decisions rests with the board, some significant decision could 
be taken by the senior management too. 

To find it out, we could assume that, according to Section 1.29 of the EIOPA 
Guidelines on System of Governance 2016,°' the two persons to be involved in any 
significant decision, before it is implemented, are those who effectively run the 
undertaking. 


© Own Risk Self-Assessment (ORSA)—that may be treated as part of the management system— 
aims to: (i) improve risk management system; (ii) better understand the overall capital adequacy and 
capital allocation; (iii) harmonise risk and capital management systems. 

?7The maintenance of a constant internal discussion within the management for adequate knowl- 
edge of the trend of relevant economic scenarios contributes to implement on the best way the 
strategic plan drawn up by the administrative body (arguments ex Siri 2018, p. 73 ff). 

The EIOPA—as part of the process aimed at applying Solvency I—with the public consultation 
on the Set 1 of the Solvency II Guidelines of 2 June 2014, refers to the concept of ‘collective 
knowledge’ of the administrative body as a whole, as an indispensable prerequisite for guaranteeing 
healthy and prudent management of the insurance undertakings. 

?8 See Clarke and Phelan (2015), p. 17. 


?°Tt is the application of the principle expressed in the premises to Delegated Regulation 2015/35/ 
EU, according to which none in the company should have an uncontrolled decision-making power. 
3°Siri (2017), p. 14, states that arguably the ‘two persons’ who shall ensure to take every significant 
decision should not be necessarily both directors. 

Dodevska and Nuredini (2019), p. 8, agree with Siri (2017), p. 4, on the basis that the provision 
refers generally to ‘persons’. 


31 1.0.P.A. - European Insurance and Occupational Pensions Authority (2016). 
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For the aforementioned Guidelines, the persons who effectively run the under- 
taking cover members of the administrative, management or supervisory body taking 
into account national law, as well as members of the senior management. The latter 
includes persons employed by the undertaking who are responsible for high level 
decision making and for implementing the strategies devised and the policies 
approved by the administrative, management or supervisory body. 

So, the governance of insurance undertakings is composed, like that of any other 
undertaking, of two distinct interdependent spheres, namely management and 
administration.*” 

It appears that this can be deduced from the consideration that, while the 
governance system as a whole is essential for the management of the entire enter- 
prise, the functions—even those defined as ‘key’—are parts of the governance 
system and indeed are fundamental for the administration of the various phases of 
the enterprise. 

Between the phases of administration of insurance undertakings, there should be 
a further distinction between the performance of executive activities, on the one 
hand, and non-executive activities, on the other. 

A precise indication of this impression seems to be found in Recital 35 of 
Solvency II, which differentiates between the persons who ‘effectively run the 
undertaking’ and those who ‘have other key functions’. 

It seems that the use of the adjective ‘other’, modifying the noun ‘functions’, 
should relate to a term that is missing in the first part of the same sentence (that is 
‘key functions’), which should also apply to those who actually run the business. 

In other words, it seems that the European legislator may have wanted to 
differentiate between those who direct the functions through which executive activ- 
ities of the companies are performed, and those who direct functions through which 
non-executive activities are carried out. 

True confirmation of the opinion just expressed seems to be found in the 
Guidelines published by EIOPA regarding the articulation of the corporate gover- 


32 A differentiation of roles between the board of directors and management persists, which helps to 
identify the scope of managerial functions in the performance of the acts related to the organisation 
of the company. These are limited—upwards—by the acts relating to the conduct of business 
operations falling within the powers of the general meeting, and—downwards—by the acts 
concerning the administration of the company that are incumbent on the executive staff. 

See furthermore on the topic Champaud (1962); Pailluseau (1967); Iglesias Prada (1971), p. 43 
ff.; Rodriguez Artigas (1971), p. 126; Angelici (1990), p. 997 ff.; Cabras (1995), p. 38 ff; 
Charreaux (1997); Vicent Chulia (2008), p. 451; Alces (2011), p. 783 ff.; Winter (2011), p. 3 ff.; 
Fleckner and Hopt (2013); Juste Mencia (2013); Latorre Chiner (2013); Martynova and Renneboog 
(2013), p. 97; Mc Nulty (2013), p. 133 ff.; Henderson (2013), p. 28 ff.; Goergen (2018); Abriani 
(2019), p. 36 ff.; Tricker (2019), p. 317 ff. 
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nance system, which aim to limit the possibility that the exercise of the four key 
functions taken into account by Solvency II (Risk management, Compliance, Inter- 
nal Audit and Actuarial) may be combined with the performance of roles of 
administration, management and control, or, in any case, with the performance of 
operational activities.** 

To achieve the desired result, the EIOPA Guidelines aim to prevent a situation 
where the holder of a key function may be in a subordinate position compared to the 
head of an operational function,** unless—in addition to creating no other filter in 
the direct reporting of the holder of the key function to those with roles of admin- 
istration, management and control—adequate risk mitigation criteria are also 
adopted to ensure that the owner of a key function does not find himself, even if 
only on a purely formal level, in a non-autonomous position in relation to the head of 
an operational function.” 

Thus, according to EIOPA Guidelines, any further reflection on the persons 
intended to effectively run the undertaking could be developed when we turn to 
analyse the equivalent regulatory framework shaped by each national law. 


33The Peer Review of key functions: supervisory practices and application in assessing key 
functions, conducted by the EIOPA in 2016, has shown that a certain combination of the exercise 
of key functions and the performance of tasks of administration, management and control, or, in any 
case, the performance of operational activities, takes place, albeit occasionally, in insurance 
undertakings in almost all countries, where the respective national market regulatory authorities. 
However, it seems inclined to maintain an approach based on an assessment of the compatibility of 
the individual case with the general principle of proportionality. 

The principle of proportionality constitutes, according to Article 5 of the Treaty on European 
Union (TUE), the main parameter for assessing the legitimacy of European acts, in terms of 
suitability and necessity, in relation to the achievement of the objectives pursued by the Treaty 
itself. 

Nevertheless, the European Regulatory Authority considered it essential to draw the attention of 
each national authority to the possibility that such situations may occur, especially in companies 
with more complex organisations, ensuring, in any case, the adoption of adequate safeguards to 
ensure an effective system of corporate governance. 

In the opinion of the EIOPA, a useful mechanism to prevent the onset of potential critical 
phenomena is the timely invitation of individual national authorities to each of the companies 
concerned to promptly communicate the non-existence of a conflict situation, and, in any case, the 
proper management of the relative phase. 

See, furthermore, Lener (2016), p. 239 ff. 


34The above-mentioned Peer Review has ascertained that such cases exist in half of the countries 
observed. 


35 Equivalent tension seems to have pervaded the orientation of the IAIS, to the extent that that ICP 
7.1. is careful to alert the national market regulatory authorities to ensure that the three main players 
in the corporate governance system—(i) the administrative body; (ii) senior management; (ili) key 
persons in control functions—adopt criteria capable of guaranteeing a clear separation between the 
management tasks of the company assigned to the administrative body—whose functions of 
effective administration reserved to a part of the management constitute just one stage—from the 
supervisory tasks, reserved, on the contrary, to the holders of the fundamental functions. 
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4 The Persons Who Effectively Run the Undertaking 


4.1 In Italy and in France 


In the Italian legal system, according to Article 30, paragraph Codice delle 
Assicurazioni Private (Private Insurance Code),*° the board of directors has both 
the power to set up operational functions—by assigning tasks and responsibilities— 
whereas, according to Article 26, paragraph II, I.V.ASS. Regulation No. 38/2018, 
has the duty to formalise the establishment of fundamental functions.*” 

This seems such a natural consequence arising from the content of the previous 
Article 29-bis which, in accordance with Article 40 Solvency II, provides that the 
board has the ultimate responsibility for the compliance, by the insurance undertak- 
ings, with the laws, regulations and provisions, both at a national and a supranational 
level. 

The nature of the verbs used by the Italian legislator (‘attribute’ and ‘formalise’) 
does not seem accidental: one can only attribute to someone something that one 
already possesses; on the other hand, one can only formally acknowledge the fact 
that someone else already possesses something. 

It seems that this may be the reason the board of directors is able to attribute tasks 
and responsibilities to operational functions, whereas, in relation to fundamental 
functions, the same body may merely formalise the institution thereof. 

The tasks and responsibilities are, therefore, attributed by the board of directors to 
the heads of the operational functions, so that they can contribute, through their 
activity, to the sound and prudent management of the company; the tasks and 
responsibilities, on the contrary, are conferred by the board on the heads of the 
fundamental functions, because they ensure, through their activity, the sound and 
prudent management of the company.*® 


3°Tn the Italian legal system, the Legislative Decree No. 209/2005, containing the Codice delle 
Assicurazioni Private (Private Insurance Code), pursuant to the amendments and additions to it 
since its promulgation, has helped to implement Solvency II in Italy. 

The Private Insurance Code has delegated to Istituto per la Vigilanza sulle Assicurazioni (Italian 
Insurance Supervisory Authority)—hereinafter, for the sake of brevity, referred to only as I.V.ASS 
(2018). 

The Regulation constitutes the pre-eminent regulatory act which the I.V.ASS. has at its disposal 
to implement the primary legislation. 

The regulatory competence of the I.V.ASS. is also exercised through the Letters to the Market 
(general recommendations containing the Institute’s expectations aimed at guiding the work and 
organisational structure of the supervised companies) and the supervisory procedures. 
37Marino and Cimarelli (2018) share the assumption that the board of directors remains ultimately 
responsible and central pivot of the corporate governance system, since it is their task to define 
strategies, provide guidelines and guidance, and approve the organisational structure of the 
companies. 
38Senior management works alongside the board of directors with the task of implementing, 
maintaining and monitoring the corporate governance system, as it has the first responsibility for 
the compliance, by the insurance undertaking, with the laws, regulations and company’s strategies. 

See Farenga (2016), p. 24 ff. 
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So, while the division of the organisational structure of the company into 
operational functions is freely left to the board of directors, the division into 
fundamental functions is provided for by the legislator as an obligation, both of 
which are instrumental to ensuring the sound and prudent management of the 
company. 

The idea that it is within the board of directors’ power to configure, in compliance 
with the law, not only the organisational structure of the operational functions, but 
also the fundamental functions, could be a valid indication of the equivalence of the 
levels occupied by both functions in the structure of the insurance undertakings, 
which would also signify an equivalent hierarchical level between the heads of the 
operational functions and those of the fundamental functions (or, it is the same, no 
hierarchical level is inserted between the heads of the fundamental functions and 
those of the operational ones*”), even though the latter contribute to the performance 
of the company’s administrative acts from a position that ensures compliance with 
the principle of separation from the operational functions, so as to preserve their 
autonomy, independence and objectivity of judgement. 

It would seem, therefore, that the heads of fundamental functions would be part of 
the management category of the insurance undertakings, even though they carry out 
non-operational administrative activities. 

The heads of the fundamental functions would therefore be at the same level as 
the heads of the operational functions, with whom they collaborate on a horizontal 
level, given their autonomy and independence, but unlike the latter, they would not 
remain subject to the vertical hierarchical line which extends all the way up to the 
General Manager, precisely in order to preserve their autonomy and independence. 

Ultimately, this could be the reason for the choice made by the Italian legislator to 
coin the notion of ‘personale rilevante? (‘relevant personnel’) in Article 
2, paragraph I, letter m), of LV.ASS. Regulation No. 38/2018 to bring together 
under this common definition both those who perform operational functions and 
those who perform non-operational functions. 

Therefore, the notion of ‘relevant personnel’ includes ‘the general managers, 
managers with strategic tasks, the owners and the highest level staff of the funda- 
mental functions and the other categories of personnel whose activity may have a 
significant impact on the company’s risk profile, chosen by the company on the basis 
of motivated and adequately formalised choices’ (‘i direttori generali, i dirigenti con 
compiti strategici, i titolari e il personale di livello piu elevato delle funzioni 
fondamentali e le altre categorie del personale la cui attività può avere un impatto 
significativo sul profilo di rischio dell'impresa, identificato dall'impresa, in base a 
scelte motivate ed adeguatamente formalizzate °). 


3 See Marly (2017b), p. 42. 
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French legislation explicitly distinguishes the ‘administration’ of a company from 
its ‘management’. The first, if the company is set up as a joint-stock company, is the 
job of the board of directors; the second, on the contrary, that of one or more 
managers,” and indeed the verb used to refer to management activity is ‘diriger’.*! 

The French Code de commerce (Commercial Code) seems to end its use of the 
lexicon to identify the senior managers of the company at the alternation of 
‘directeur général’ (general manager)—but also ‘directeur général délégué (deputy 
general manager), since French company law expressly regulates the possibility of 
appointments up to a maximum of five—and ‘dirigeants’ (managers).** 

The Code des assurances (Insurance Code) provides that the dirigeants can take 
on the additional status of ‘dirigeants effectifs’ (effective managers). 

The term dirigeants effectifs seems to pair the adjective and the noun based on the 
will expressed by the legislator—in Article R 322-168 Insurance Code—which 
determines that the effective management of the insurance undertaking*’—con- 
ferred, at the discretion of the board of directors, or of the supervisory board, to 
the general manager, or to the deputy general manager, or to the members of the 
board, may also be conferred to one or more officers, having the experience, skills 
and honourability necessary to ensure the necessary diversity of knowledge, expe- 
rience and qualifications which are essential to being able to manage the undertaking 
in a professional manner, and having also sufficiently broad powers over the 
activities and risks of the company to being involved in decisions with a significant 
impact, particularly in strategic, budgetary or financial matters (Article L322-2, 
paragraph VII, Insurance Code, supplemented by Article 4.1 Notice 2015)—who 
thus assume the profile of dirigeants effectifs 


4°Tn the French legal system, the managers are quite often called ‘cadres’. 

See furthermore on this topic Robin Olivier (2009), p. 37 ss. 

In the management companies, but also in the investment service providers, credit institutions 
and insurance companies, ‘cadres’ are natural persons with operational and effective functions. 

See AMF -— Autorité des Marchés Financiers - Règlement général (FMA - Financial Markets 
Authority - General Regulation) (2021), available at https://www.amffrance.org/fr/eli/ft/aai/amf/rg/ 
20210101/notes. 

See also Marly (2017a), p. 6. 
41 See, for instance, Articles L 210-9(1) of the Commercial Code and L322-2(VID of the Insurance 
Code, respectively. The first is devoted to the impossibility of invoking any defects affecting the 
appointment of ‘personnes chargées de directeur la société’ (people responsible for managing the 
company) once the disclosure formalities have been completed; the second, on the contrary, is 
intended to describe the personal requirements of ‘Les personnes appellees a directeur une 
enterprise (...)’ (The people called to manage a company). 
“It is the Code de gouvernement d’enterprise des sociétés cotées (Listed Companies Corporate 
Governance Code) to create the further category of ‘Dirigeants mandataires sociaux exécutifs/non 
exécutifs’ (Executive/non-executive senior corporate managers) for the purposes there conceived. 
“The effective management of the insurance undertaking consists in the determination of the 
direction of the company’s activities. 
“The general manager or members of the management board, as well as any deputy general 
manager in the bodies governed by the Insurance Code (Article R 322-168); the chairman of the 
board of directors and the operational manager in organisations subject to the Mutual Insurance 
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The Notice 2015 in Article 2.3 determines that it is the responsibility of the 
companies carrying out insurance activities listed in Articles L 310-3-1 Insurance 
Code, L 211-10 Code de la mutualité (Mutual Insurance Code) and L 931-6 Code de 
la sécurité sociale (Social Security Code), to ensure that at least two people 
effectively manage the company and intervene in all significant decisions before 
they are taken (‘L’enterprise veille a ce qu’au moins deux personnes dirigent 
effectivement l’enterprise et interviennent dans toute décision significative avant 
que celle-ci ne soit mise en oeuvre aa 

The syntactic construction used by the Notice 2015 (“The company shall ensure 
that at least two persons (...) intervene in all significant decisions before they are 
taken’), without prejudice to the particular—and certainly far from negligible— 
reference to the requirement that the persons whose duty it is to intervene in all 
significant decisions of insurance companies, before they are taken, are the same 
persons who actually direct them (at least two, therefore, chosen from among the 
general manager, deputy general managers, members of the board of directors or 
officers), does not appear to be a mere semantic variation of the definition of 
‘effective managers’ (‘dirigeants effectifs’), since the duties incumbent on those 
who effectively direct insurance undertakings—therefore, also the related powers 
granted to implement them—are enriched by a further feature, consisting of inter- 
vention in any significant decision before it is taken, generally not granted to 
‘effective managers’ (‘dirigeants effectifs’). 

The Notice 2015 do not seem to provide any indication as to whether such a duty 
is actually being performed neither with reference to the recipients on the possible 
power of intervention, nor in relation to the possible effects thereof, nor, finally, in 


Code (Article R 211-15); the general manager and the delegated general manager in organisation 
subject to the Social Security Code (R. 931-3-45-3) are effective managers as of right. 

The ‘dirigeants effectifs’ form a specific category, which is superimposed on the ordinary 
classifications of law. 

Marly (2017b), p. 42, observes that this interference raises many questions to which the regulator 
has endeavored to answer in the form of the ACPR - Autorité de Contrôle Prudentiel et de 
Résolution - Banque de France (2016). 


* The so-called ‘Four-Eyes Principle’ is not new in France. Under the Code Monétaire et Financier 
(French Monetary and Finance Code), Article L 532-9 imposes the ‘four-eyes rule’. 

It means that the portfolio management company must be effectively managed by at least two 
people with a view to guaranteeing its sound and prudent management (‘La société de gestion de 
portefeuille est dirigée effectivement par deux personnes au moins possédant l’honorabilité 
nécessaire et l’expérience adéquate a leur fonction, en vue de garantir sa gestion saine et 
prudente’). 

The General Court of the European Union, by the Judgment 24 April 2018 in Joined Cases 
T-133/16 to T-136/16, has declared that the same person may not occupy at the same time the place 
of chairman of the board of directors and that of ‘effective director’ in credit institutions subject to 
prudential supervision. 

The concept of ‘effective director’ refers to members of the senior management, a function which 
may not be combined with a non-executive supervisory function. 

See, about the so called ‘Four-Eyes Principle’ in the French legal system, AMF (2004), p. 57; 
Samin (2000); Bonneau (2005); Marly (2015); Storck (2016), p. 1. 
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relation to the presumed responsibilities that may arise from the failure to exercise 
this duty. 

Nor does the Insurance Code seem to offer any insight into the scope of the power 
to intervene in any significant decision given by the Notice 2015 to at least two of the 
persons who effectively direct insurance companies. 

Nor does the Commercial Code seem to provide for what appears to be a kind of 
veto power that could be vested in those who actually run insurance undertakings, 
given that, from time to time, they should be allowed to intervene in any significant 
decision before it is taken, as it should be possible—as a result of the power of 
intervention—to prevent the decision from being taken, or from being taken in the 
same form conceived prior to the exercise of the power of intervention itself.*° 

Yet, in the absence of any clue in the regulatory act regarding the possibility of 
reconstructing the existence of a veto power on the part of those who actually direct 
insurance undertakings, instrumental to the previous duty to intervene in any 
significant decision, there seems to be no alternative for the interpreter except to 
change the hermeneutical approach. 

To this end, it seems that the duty/power to intervene in relation to the taking of 
any significant decision by those who actually direct insurance undertakings— 
mentioned in the Notice 2015—can only be preceded by a power/duty to act in an 
informed manner.*’ 

It is the same Notice 2015—in Article 2, entitled ‘Exigences générales en matiére 
de gouvernance’ (‘General governance requirements’ )—that place the duty to act in 
an informed manner at the top of the list of elements that contribute to shaping the 
system of corporate governance of insurance undertakings, to the extent that the 
following Article 2.1 is specifically entitled ‘L’organe d’administration, de gestion 
ou de contrôle’ (‘The administration, management or control body’), as if to 
highlight the fact that the administration, management and control bodies base 
their functioning on the exchange of information not only between themselves but 
also with the members of the key functions of the companies. 

The regulatory measure, however, fulfils the legislator’s intention set out in 
Article 354-1 of the Insurance Code, in accordance with Article 41 of Solvency II, 
to provide insurance undertakings with a system of corporate governance that 
includes an effective system for the transmission of information. 


4©The reflections expressed here are evidently influenced by the experience gained in Italy in 
relation to Article 2257, paragraph II, of the Codice Civile (Italian Civil Code), which dictates ‘Se 
Vamministrazione spetta disgiuntamente a più soci, ciascun socio amministratore ha diritto di 
opporsi all’operazione che un altro voglia compiere, prima che sia compiuta’ (‘If the administra- 
tion is the responsibility of several shareholders, each managing shareholder has the right to oppose 
the operation that another wants to carry out, before it is completed’). 

“’The power/duty to act in an informed manner, after all, allows each of the responsible officers to 


exercise control over the operations of the others. 
See Storck (2016), p. 2. 
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From this reconstructive point of view, therefore, the idea that the power to 
intervene in the taking of any significant decision established in favour of those 
who actually direct insurance undertakings, from Article 2.3 of the Notice 2015, 
seems to be best interpreted as their duty to intervene (after all, the verb used in the 
French language ‘intervenir’ can be translated as both ‘to intervene’ and ‘to become 
involved’). 

Whoever becomes involved in a decision merely contributes—whether in a 
favourable or contrary way to the party or parties responsible for making that 
decision. 

However, a person who intervenes in a decision can influence the outcome. 

Assuming that those who actually manage insurance undertakings are burdened 
with “becoming involved’ in any significant decision, rather than being required to 
‘intervene’ therein, seems, on the one hand, to be a way of providing them with an 
exegesis of the regulatory measure that could protect certain subjects from the 
probable failure that a differently-oriented reading of the provision in question 
could cause during a conflict of powers between those who, for various reasons, 
are called upon to make a significant decision for insurance undertakings; on the 
other hand, it could be an adequate response to the spirit shown by the Regulator 
through the continuous call for collaboration between the top management of the 
company, which is instrumental to achieving an effective system of corporate 
governance. At the end, it could be argued that the basic requirement for being 
appointed as ‘effective manager’ (‘dirigeant effectif’) in French insurance undertak- 
ings is to be involved in strategic decisions. 

This could confirm the working hypothesis on the basis of which the idea was put 
forward that not only the directors, but also the senior managers, could be considered 
as parties included in the scope of operations of the so called ‘two eyes principle’. 


4.2 In Spain and the United Kingdom 


The contrast between company administration, on the one hand, and management, 
on the other, seems to be found intact in the provisions*® that the Spanish legislator 
dedicates to the system of government of insurance undertakings.” 


48 Articles 65-67, Chapter I, Title I, Ley 20/2015, de 14 de julio, de ordenación, supervision y 
solvencia de las entidades aseguradoras y reaseguradoras (Insurance Undertakings Act)—here- 
inafter, for the sake of brevity, referred to only as LOSSEAR, in accordance with the acronym used 
by the same legislator—as well as Articles 44—47, Chapter I, Title II, Real Decreto 1060/2015, de 
20 de noviembre, de ordenación, supervisión y solvencia de las entidades aseguradoras y 
reaseguradoras (Insurance Undertakings Regulation). 

4 The only exception is one of the final provisions of the text—namely Article 192, letter c)\—where 
they are considered jointly, when they refer to the general representative, or, in any case, to those 
who exercise powers of effective management of a foreign insurance company established in Spain. 
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Article 2 LOSSEAR—intended to delimit the perimeter of the law—in letter c) 
begins by declaring that it is addressed to natural or legal persons who, for any 
reason,” perform administrative or management functions for insurance companies. 

An unexpected clarification regarding the persons regarded as holders of admin- 
istrative and management powers, respectively, appears to be found in a sentence in 
the second paragraph of Article 24, which is devoted to a quite different aspect, 
i.e. the absence of any required administrative authorisation to carry on insurance 
undertakings. 

It does not seem essential for the moment to transcribe the entire paragraph, nor to 
provide an illustration of the premise of the legal precept that is understood as subject 
to common interpretation. 

It seems sufficient to transpose here the only sentence of the above-mentioned 
regulation that seems to provide a regulatory foothold to the uncertain assumptions 
made so far. 

This refers to the subordinate sentence ‘... como los mencionados 
administradores o directores’ (‘such as the aforementioned administrators or direc- 
tors’) placed in relation to the main sentence ‘Esta obligación sera solidaria entre la 
entidad y quienes, desempeñando en la misma cargos de administración o dirección 
...’ (‘This obligation will be jointly and severally between the company and those 
who, holding the same administration or management positions .. .’). 

The legislator, according to the sentence under review—which, now, for ease of 
understanding, is transcribed in the correct order ‘Esta obligación será solidaria 
entre la entidad y quienes, desempeñando en la misma cargos de administración o 
dirección, hubieren autorizado o permitido la celebración de tales contratos u 
operaciones, todo ello sin perjuicio de la infracción administrativa en la que 
hubieran podido incurrir tanto la entidad como los mencionados administradores 
o directores’ —in making the directors and officers of insurance companies aware of 
the liability they may incur if they were to conduct insurance business in the absence 
of administrative authorisation, refers to them as cited above (‘... como los 
mencionados administradores o directores’). 

Article 24 LOSSEAR, on the other hand, mentions for the first time the directors 
and officers of insurance undertakings,”! since it previously made a different refer- 
ence to those who perform administrative or management functions (‘quienes 
desempeñando cargos de administración o dirección’). 


50This provision could find a similar reference with Article 236.4 Ley de sociedades de capital 
(Limited Liability Companies Act), referred to the provisions on duties and responsibility applica- 
ble to the person—whatever his name—who has the powers attributed to the highest management 
of the company. 

See furthermore Juste Mencia (2016), p. 433 ff. 
5! Spanish law has not dealt with non-organic management, at least from the legal commercial 
perspective, which is insufficient to build the figure of the director within capital companies. 

See furthermore Juste Mencia (2000), p. 450; Menéndez (2003), p. 195 ff.; Latorre 
Chiner (2013). 


Corporate Governance and the So-Called ‘Four-Eyes Principle’ 19 


If those who exercise functions of administration and management of insurance 
undertakings are the ‘mentioned’ directors and officers, it would seem that the 
structure of relations between holders of administrative and management powers 
was Officially established (up to now this relation could only be unofficially based on 
a series of conjectures). 

The conceptual framework thus formulated seems to receive a decisive endorse- 
ment from the following Article 38 LOSSEAR. 

This article—which dictates the requirements that must be met by those who 
exercise the effective management of insurance companies, i.e. perform functions 
that constitute an integral part of the system of corporate governance (both concepts 
on which it is not considered useful to dwell, as their content derives directly from 
Solvency II)—in providing, in the second paragraph, an indication of those who 
exercise effective management, mentions ‘those who hold positions of administra- 
tion or management’ (‘quienes desempeñando cargos de administración o 
dirección’), to clarify immediately thereafter—in letters a) and b), respectively— 
that such positions are considered to be (i) ‘directors or members of the board of 
directors’ (‘los administradores o miembros de los órganos colegiados de 
administración’), (ii) “general managers and persons regarded as such’ (‘los 
directores generales y asimilados’), considering as general managers ‘all those 
who perform senior management functions under the direct supervision of the 
Board of Directors, executive committees or managing directors’ ( ‘entendiendo 
por tales todas aquellas personas que ejerzan en la entidad la alta dirección bajo 
la dependencia directa de su órgano de administración, de comisiones ejecutivas o 
de consejeros delegados de aquel ion 

It seems, therefore, that we can conclude that in insurance undertakings under 
Spanish law, administration is the responsibility of the ‘administradores’ (directors), 
while management is the responsibility of the ‘directores’ (senior managers).°° 

Support for this idea could also be found in Article 540, paragraph IV, letter c) of 
the Ley de Sociedades de Capital (Companies Act), which, although referring only 
to listed companies, requires an annual report to be made public providing informa- 
tion on the corporate governance structure adopted, with a distinction to be made 
between holders of directorships and management positions. 


52The characterising elements of the senior management personnel that derive from the above 
definition are, on the one hand, the exercise of powers inherent to the ownership of the company and 
related to the general objectives of the same, and, on the other hand, the performance of the same 
with autonomy, and fully responsibility, only limited by the criteria and instructions of the higher 
government and administrative bodies. 

See Martinez Moreno (1994), p. 55; Gutiérrez Garcia (2009), p. 1; Juste Mencia (2013); Latorre 
Chiner (2013). 
53The decentralisation of functions and the structural complexity of large companies lead to the 
creation of management teams that, under various names, are made up of the directors of the main 


areas of the company. 
See Juste Mencia (2006), p. 1031; Latorre Chiner (2013). 
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A significant contribution to understanding the powers of administration con- 
ferred on “senior managers’ could have been found in the Financial Services and 
Markets Act 2000% (hereinafter, for the sake of brevity, referred to only as FSMA in 
accordance with the indications of the British legislator), which, together with the 
Financial Services and Markets Statutory Instrument 2015 No. 575 (better known as 
‘The Solvency 2 Regulations 2015’), formed—until 31 December 2020°°—the 
reference regulatory framework for the application of the precepts of Solvency in 
the United Kingdom. 

The functions of ‘senior management’,~° in the case of companies subject to the 
application of the FSMA 2000, are characterised, under Section 59ZA, by profiles of 
daily management, which require the taking of decisions, or even mere participation 
in the taking of decisions.” These decisions may have serious consequences on the 
performance of the company itself, if not indeed on the functioning of the economic 
market in the whole of Great Britain.** 


54The Financial Services and Markets Act 2000 (FSMA), regulates the public offering and listing of 
shares and other securities. 

It applies to both private and public companies. 

The legal and regulatory framework which applies to private and public companies is primarily 
set out in the Companies Act 2006 and the Financial Services and Markets Act 2000. 

In addition, the Disclosure Guidance and Transparency Rules sourcebook applies to a public 
company that is listed or that has shares traded on a UK market. It sets out the disclosure guidance, 
transparency rules, corporate governance rules and certain other requirements applicable primarily 
to companies that are admitted to the Official List and traded on the Main Market (with some parts 
applying also to companies quoted on AIM). 


55The United Kingdom has ceased to belong to the European Union on 31 December 2020. 

On 5 March 2019, the EIOPA and all national competent authorities of the European Economic 
Area with competencies in insurance agreed memoranda of understanding with the Bank of 
England in its capacity as the Prudential Regulation Authority (PRA) and the Financial Conduct 
Authority (FCA) of the United Kingdom. 

The MoUs took effect starting on 1 January 2021, at the end of the transition period following the 
departure of the UK from the European Union. 

Since this date, all Union primary and secondary law no longer applies to the United Kingdom, 
including the Solvency II Directive as well as the Directive on Insurance Distribution. 

See furthermore Herbst and Lovegrove (2020). 


°°See furthermore about this topic Bournois and Livian (1997), p. 31; Sisson and Marginson 
(2003), p. 78; Koukiadaki (2009), p. 21. 


5 Deighton et al. (2009), p. 15, seem to substantiate the assertions made in this text, in the part 
where they state that ‘It is clearly not practical for the board, which includes non-executive 
members, to actually perform the day-to-day management of the company, to develop and to 
maintain the system of internal control or to undertake risk management. This is, therefore, 
delegated to the executive directors and the other senior management’. 
°8In the British insurance market system, the LMA - Lloyd’s Managing Agents (2019), although 
has been designed for Lloyd’s managing agents, was intended to highlight certain important aspects 
of the Senior Managers & Certification Regime (SM&CR). 

So, for instance, these were some of the definitions given for the holders of the Senior 
Management Functions. 

Thus, ‘Head of Key Business Area’, individuals who are responsible for the management of 
business areas and divisions that are sufficiently large and complex to have a potential impact upon 
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Ultimately, it does not seem to be the membership to the board of directors that 
distinguishes the ‘two persons’ ensuring to take every significant decision, but rather 
it is the nature of the functions performed, in relation to the type of activities carried 
out, to allow the senior managers to be involved in some aspects of the firm strategy, 
such as viability and sustainability of the business model and the establishment, 
maintenance and use of the risk appetite. 
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The Risk Management System, the Risk A 
Culture and the Duties of the Insurers’ gac 
Directors 


Pierpaolo Marano and Simon Grima 


Abstract The risk management system and the risk culture pertain to the organisa- 
tion of the insurance undertaking and face the risk, which is a multifaceted concept 
challenging such an organisation. This chapter analyses the perimeter of the risk 
management system to identify the risks that fall within this system and the persons 
who, within the insurance undertaking, are responsible for ensuring an effective risk 
management system to the supervisory authority. The chapter also investigates how 
corporate bodies can assess the head of the risk management function and the risk 
management system can incorporate risk culture. Lastly, the chapter illustrates 
concrete actions the persons with the ultimate responsibility of the risk management 
system can perform to comply with the task to promote, implement and monitor the 
risk culture. 


1 Introduction 


Solvency II, which is considered as one of the most sophisticated insurance regula- 
tory regimes is built around the principles of market consistency which aim is to 
instil strong risk management, governance and internal control systems within the 
insurance industry. It proposed to remedy the shortcomings of Solvency I by 
introducing a sweeping regulatory reform for insurance companies.’ 


'See Manes (2017), p. 111 ff.; Van Hulle (2019), p. 38 ff. See also Loguinova (2019) for an 
assessment of the ideology of Solvency IL. 
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Although Solvency II is mostly known for its risk-based capital requirement 
calculation, one of the most important elements in this regime is the heavy reliance 
on robust risk management practices.” Thus, an underlying objective for Solvency II 
is to improve the system of governance within an organisation. As stated in Recital 
No. 29 of Solvency II, ‘some risks may only be properly addressed through 
governance requirements rather than through the quantitative requirements reflected 
in the Solvency Capital Requirement. An effective system of governance is therefore 
essential for the adequate management of the insurance undertaking and the regula- 
tory system’. 

This approach is common to the EU regulation on financial services? and denotes 
the willingness of regulators to dominate uncertainty by organising market uncer- 
tainty into recognisable categories of quantifiable risks.* However, the risk manage- 
ment regulation may facilitate misperceptions about what risk management can and 
cannot do. The push towards a quantitative risk assessment based on statutory 
schemes and a fixed pattern to catch it could prevent a true risk culture based on a 
‘thinking outside of the box’ approach.° The risk management needs to move from 
mere calculation to a broader range of activities, including scenario-thinking, 
war-gaming, playing the devil’s advocate.’ 

Solvency II requires insurance undertakings to set up a risk management system 
and, therefore, enforces risk management to be embedded in the day-to-day activities 
of insurance undertakings. However, so far, several insurance undertakings have 
been focusing on improving risk measurement frameworks, rather than taking the 
opportunity to implement a real cultural change based on an intelligent understand- 
ing of the actual risks they are facing." Addressing risks proactively requires that 
insurance undertakings are aware of the current risk culture within the organisation, 
the industry and the direct and indirect effect of the wider environment surrounding 
the industry. It requires an understanding of risk and the tools available to address 
these risks. Moreover, it requires that directors are fully aware and kept abreast of 
assumptions about models used to measure and report risks, are involved in and 
understand the Own Risk Self-Assessment (ORSA), the need for a Risk Register and 
are involved in the design of and understand the stress tests and reverse stress tests 
implemented. 

However, one should be aware of the concept of risk.? Risk classification in 
insurance markets is the avenue through which insurance undertakings try to be 


? Bernardino (2011), p. 2. 

Everson and Vos (2016), p. 139 ff. 

‘Mikes (2011), p. 2. 

>Enriques and Zetzsche (2013), p. 282 ff. 

©Manes (2017), p. 110. 

7Manes (2017), p. 110. 

8See PricewaterhouseCoopers (PWC) (2019), p. 2. 


See Milkau (2017), p. on the different perspectives about risk and culture developed along the 
historical perspective. 
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efficient and compete in insurance contracts.'° Solvency II requests insurers to adopt 
a forward-looking approach for risks including those of underwriting but not limited 
to these risks. The intent is to take an enterprise risk-management approach towards 
capital standards that will provide an integrated solvency framework that covers all 
significant risk categories and their interdependencies.'' Every risk management 
process should be custom made, reflecting the firm’s profit goal, existing risk 
portfolio and risk appetite. ' Risk is a multifaceted concept, and its identification 
requires complex approaches that are often misunderstood. The consequence is that 
decisions are based on limited perception rather than the full value and meaning of 
what risk is, as a result, the way it is being tackled is incorrect. 

Since risk management is concerned with what might happen in the future risk 
managers are also concerned with creating scenarios by using models to generate: 
(i) ‘stress tests’; this involves evaluating the impact of extreme, but plausible, 
scenarios that are not considered by value at risk (VaR) or expected shortfall 
(ES) models and (ii) ‘reverse stress tests’ !?—also known as a ‘pre-mortem’,'* this 
is a managerial strategy in which a project team imagines that a project or organi- 
sation has failed, and then works backwards to determine what potentially could lead 
to the failure of the project or organisation. However, these tests are as good as the 
directors or their advisors. They depend on their experience, skills and knowledge. 
Therefore, authorising or recruiting the wrong persons can mean that the risk key 
indicators (red flags) are set and calibrated incorrectly. 

Furthermore, Solvency II pushes insurance undertakings to promote a risk culture 
alongside the setting up of the risk management function. Weaknesses in risk culture 
are often considered a root cause of the global financial crisis, headline risk and 
compliance events." A sound risk culture consistently supports appropriate risk 
awareness, behaviours and judgements about risk-taking within a strong risk gov- 
ernance framework.'® Thus, risk culture and risk management can be considered as 
the two sides of the same coin—the risk governance—and the improvement of the 
risk culture does not affect the performance of financial institutions.’ However, risk 
culture can be implemented in different ways. A cognitive risk culture, which 
focuses on improving the understanding of risk and resolving the problems by 
addressing their root cause,'® stands in contrast to compliance-based and defensive 
risk cultures. The risk culture could be implemented only to demonstrate to the 
authorities that their request is being fulfiled, or to promote professionally 


'0See Croker and Snow (2000), p. 245 ff. 
1 See Klein (2012), p. 186. 

'2 See Skipper and Kwon (2007), p. 293. 
13 See Grundke (2011), p. 71 ff. 

14 See Eisenbach et al. (2020), p. 2. 
'SESB (2014), p. 1. 

'ORSB (2014), p. 1. 

17 Bianchi et al. (2021). 

'8See Agarwal and Kallapur (2018). 
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sub-optimal or even wrong decisions for the sake of preventing lawsuits and 
blame. "° 

However, risk culture goes also beyond the regulators.” In the current economic 
environment, companies are looking for opportunities to differentiate themselves 
from their peers particularly in the area of risk management.?! Determining and 
documenting the risk culture, appetite, tolerance and strategy provide credible 
evidence, which can be used to inform regulators, clients, rating agencies and 
other stakeholders.” By promoting a common language, and structure in which to 
discuss risk culture and risk management across the undertaking,** one can envisage 
an environment where reporting, communicating and monitoring risk culture is a key 
part of public disclosures and advertising.** However, some organisations still 
currently lack this focus and consistency.” 


2 Aim and Research Questions 


The introductory remarks outlined the relevance of the risk management system 
within the governance of the insurance undertakings. A risk culture must be embed- 
ded in the governance together with risk management practices. Both the risk 
management system and the risk culture pertain to the organisation of the company 
and face the risk. The risk is a multifaceted concept, which challenges the organi- 
sation of the insurance undertaking. These remarks allow us to define the aim of this 
chapter and, ultimately, the research questions. 

The preliminary issue concerns the perimeter of the risk management system. The 
analysis aims to identify the risks that fall within this system and the persons who, 
within the insurance undertaking, are responsible for ensuring an effective risk 
management system to the supervisory authority. The risk management system 
includes the risk management function, but it does not end with the latter. Several 
people within the company might be deemed responsible by the supervisory author- 
ity and/or determine the ultimate responsibility of whoever appointed them as well as 
of the undertaking. The board of directors is responsible for managing the business 
(in all its respects) under corporate law. One should understand to what extent 
individuals bear ultimate responsibility for the functioning of the risk management 
system, including the head of the risk management function. Thus, corporate bodies 


'° See Agarwal and Kallapur (2018). 

20See Awrey et al. (2013), p. 217 ff. 

?1 See Dobrota (2012), p. 227. 

2 See MFSA (2020). 

3 See Bondesson (2011), p. 58 f. 

24 See International Finance Corporation (IFC) (2015), p. 33. 
5 See Grima and Bezzina (2021) in press. 
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including staff working within the company fall into the scope of the analysis. While 
external auditors are outside the scope. 

Based on the result of this analysis, our second research question relates to how 
corporate bodies can assess the performances of the head of the risk management 
function. Solvency II provides for a list of risks and a questionnaire and is in a sense, 
at the standardised approach/model level, prescriptive in the methodologies to be 
used to monitor and quantify the risks, although companies are expected to add-on 
other risks that the company may face (Pillar II). It is however more flexible when if 
the undertaking is using an internal model, which can only be used if the undertaking 
has proven capacity and experience and it is allowed by the regulator. We aim to 
understand if these lists, questionnaire and models are exhaustive. How can one 
understand ex-ante if methodologies adopted by the head of the risk management 
function are adequate? 

Understanding risk should be part of the corporate culture. Risk culture defines 
how a company’s management and employees understand risk and manage it to 
maximise rewards.”° If the risk management function is part of the risk management 
system, the risk culture should concern all the operational units that are exposed to 
the risk considered under the risk management system. Thus, risk culture is a 
component of the risk management system.” Such a culture needs to be promoted, 
implemented and monitored,” and persons are responsible for these processes.~” 
With this analysis, we will therefore investigate the third research question, that is, 
the concrete actions that can be performed by the persons with the ultimate respon- 
sibility of the risk management system to comply with the above task.°*° 

Based on the above, the next section aims to answer the first research questions 
and, therefore, will investigate both the perimeter of the risk management system and 
the legal foundations of the duties imposed on the persons who are responsible for 
that system to the supervisory authority. In the following two sections we will 
recommend and suggest solutions to address the other two research questions. 


?©Shimpi and Klappach (2013), p. 205. 

?7 See Palermo et al. (2017), p. 164 ff., who developed a model of risk culture dynamics. 

°8See Sheedy et al. (2019), who provide the first empirical evidence on how risk compliance is 
affected by financial incentives and organisational culture. 

°° Shimpi and Klappach (2013), p. 208 f., identifies six important dimensions of an effective risk 
management culture and outline that leadership is crucial to everyone. 

3°On the internal auditing approaches to risk culture, see Sinha and Arena (2020), p. 81 ff. See also 
Ring et al. (2013), pp. 364 ff., on the potential use of financial notices as a means of communicating 
how the regulator interprets the relevance of (risk) culture in an organisation; in particular, the 
nature of behaviours and actions which might signal what a good or bad (risk) culture looks like. 
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3 The Perimeter of the Risk Management System 
and the Persons Who Are Responsible for Its Functioning 


Solvency II sets forth that the ‘administrative, management or supervisory body’ 
(AMSB) of the insurance (or reinsurance) undertaking has the ultimate responsibility 
for the compliance, by the undertaking concerned, with the laws, regulations and 
administrative provisions adopted according to Solvency IL.*' Also, Solvency II 
requires all insurance (and reinsurance) undertakings to have in place an effective 
system of governance that provides for sound and prudent management of the 
business.” That system must include among other things compliance with the 
requirements to have in place an effective risk management system comprising 
strategies, processes and reporting procedures necessary to identify, measure, mon- 
itor, manage and report, continuously the risks, at an individual and at an aggregated 
level, to which they are or could be exposed, and their interdependencies.** 

The introduction of rules and principles addressed to the corporate bodies of 
insurance undertakings must consider the absence of a uniform structure of corporate 
governance in the EU. Solvency II reflects this lack of harmonisation using the 
generic term ‘administrative, management or supervisory body’ (AMSB) when sets 
forth rules involving corporate bodies.” Although the board structure is a matter of 
national law, the term AMSB covers both the unitary (one-tier) board structure and 
the dualistic (two-tier) board structure, which are the recurring board structures in the 
Member States and regulated by their respective national laws. Where no specific 
body is specified in national law, the regulatory framework issued under Solvency II 
provides that the term AMSB means the management body.” 

The AMSB has the ultimate responsibility of the system of governance compris- 
ing the risk management system. Thus, AMSB is responsible for the proper func- 
tioning of the risk management system. Consequently, European legislation requires 
national regulations to identify a corporate body within the AMSB, which is 
responsible for the system of governance, including the risk management system. 
Furthermore, the responsibility towards the supervisory authority is established for 
the whole corporate body as identified by national rules.*° Thus, it should not be 
possible to distinguish between the responsibility of the executive and non-executive 
directors within the management body. European legislation seems to establish their 
joint responsibility towards the supervisory authority for the compliance to Solvency 


3! See Article 40 of Solvency II. 
32 See Article 41(1) of Solvency IL. 
33 See Article 44(1) of Solvency IL. 
*4See Van Hulle (2019), p. 402. 


See Article 1 (43) Commission Delegated Regulation (EU) 2015/35 of 10 October 2014 
supplementing Solvency II. 


36See EIOPA, Guidelines on system of governance, Guideline No. 17, available at https://www. 
eiopa.europa.eu/content/guidelines-system-governance_en. 


The Risk Management System, the Risk Culture and the Duties of the. . . 31 


I, including the system of governance/risk management system. This, regardless of 
what may be provided by national corporate laws. 

Being part of the system of governance, the risk management system pursues the 
same purpose as the first, which is to ensure sound and prudent management of the 
business. 

The meaning of sound and prudent management of the business should be 
understood, having in mind that the main objective of insurance and reinsurance 
regulation and supervision in the European Union is the adequate protection of 
policyholders and beneficiaries.” Financial stability and fair and stable markets are 
other objectives of insurance and reinsurance regulation, and supervision that should 
also be considered but should not undermine the main objective.” Therefore, 
adequate protection of policyholders has not only a ‘passive’ meaning consisting 
of pursuing management of the insurance undertaking that ensures its solvency. 

Such protection also has functional significance as clearly expressed by the 
Directive 2016/97 on insurance distribution (IDD). This Directive sets forth that 
when carrying out insurance distribution, insurance distributors always act honestly, 
fairly and professionally in accordance with the best interests of their customers.*” 
This principle does not refer only to business conduct but also involves the 
manufacturing of insurance products.*° The IDD sets forth product oversight and 
governance requirements (POG) under which manufacturers must maintain, operate 
and review a process for the approval of each insurance product to ensure that 
insurance products meet the needs of the target market. ! Thus, the sound and 
prudent management of the business requires insurers not only to ensure their 
solvency, but also to design products matching the interests and needs of their target 
market, and to distribute such products to the relevant target market. 

Solvency II provides that the risk-management system must cover the risks to be 
included in the calculation of the Solvency Capital Requirement, as well as the risks 
which are not or not fully included in the calculation thereof.“ Some risks may only 
be properly addressed through governance requirements rather than through the 
quantitative requirements reflected in the Solvency Capital Requirement. An effec- 
tive system of governance is therefore essential for the adequate management of the 
insurance undertaking and the regulatory system.**? Thus, Solvency II requires 
insurance undertakings to have in place an effective risk-management system to 


37 See Recital No. 16 of Solvency II, where the term beneficiary is intended to cover any natural or 
legal person who is entitled to a right under an insurance contract. 


38 See Recital No. 16 of Solvency II. 
3° See Article 17(1) of IDD. 


40 See Joint Position of the European Supervisory Authorities on Manufacturers’ Product Oversight 
& Governance Processes, at point 22. The Joint position is available at https://www.eba.europa.eu/ 
documents/10180/15736/JC-2013-77+%28POG+-+Joint+Position%29.pdf. 
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* See Recital No. 19 of Solvency II. 
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identify, measure, monitor, manage and report, continuously, the risks to which they 
are or could be exposed, and their interdependencies.““ The IDD complements this 
provision. The set of rules on POG requests undertakings to manage the risks 
inherent in poorly designed or improperly distributed products by avoiding the 
manufacturing and offering of worthless products to customers, and imposing 
remedial actions in case it happens.“ POG meets the goal of increasing customer 
protection by aligning the approach to products with the approach to capital require- 
ments as introduced under Solvency 1.46 

In conclusion, the system of governance comprising the risk management system 
should be able to address all risks of insurance undertakings, that is, those related to 
the solvency and the risks inherent to the quality of products and their distribution. 
The list of risks provided by Solvency II must be complemented with those related to 
the manufacturing and distribution of the insurance products as arising under the 
IDD and implementing national laws.*’ 

The risk management system must be effective and well-integrated into the 
organisational structure and in the decision-making processes of the insurance 
undertaking with proper consideration of the persons who effectively run the 
undertaking or have other key functions.“ These persons are the members of the 
AMSB, taking into account national law, as well as members of the senior manage- 
ment.*” EIOPA clarified that the AMSB is other than the senior management, which 
includes persons employed by the undertaking who are responsible for high-level 
decision making and for implementing the strategies devised and the policies 
approved by the AMSB.”° 

The AMSB appoints the senior management including the head of the risk 
management function after a positive fit and proper assessment and is responsible 
for evaluating reports on risk exposures submitted from the head of the risk man- 
agement function. Reports and activities will include both the risks to be included in 
the calculation of the Solvency Capital Requirement as well as the risks which are 
not or not fully included in the calculation thereof including those related to the 
manufacturing and distribution of products. These statements introduce the first list 
of issues outlined earlier concerning how the AMSB can (i) assess the fitness and 
properness requirements of the head of the risk management function and 


4 See Article 44(1) of Solvency IL. 

45 See Marano (2020), p. 65. 

46 See Marano (2020), p. 65. 

47 On the impact of IDD on distribution risk management, Bravo (2020), p. 359 ff. 

48 See Article 44(2) of Solvency IL. 

4 EIOPA, Introduction, Guidelines on System of Governance, 2014, at point. 1.21., is available at 
https://www.eiopa.europa.eu/content/guidelines-system-governance_en. 
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performing tasks related to a key function, and ‘key function holders’ who are the persons 
responsible for a key function as opposed to persons having, carrying out or performing a key 
function. 
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(ii) understand ex-ante if methodologies and questionnaires adopted by the head of 
the risk management function are adequate. 

Furthermore, the risk management function is a (key) component of the risk 
management system as a control function but does not incorporate the whole system 
which also refers to the business units. 

Solvency II does not specifically recognise the ‘three lines of defence’ model as 
developed by the Institute of Internal Auditors (IIA) and based on the framework for 
evaluating internal controls elaborated by COSO.*! According to the latest version 
elaborated by the IIA,” this model consists of the first line provided by front line 
staff and operational management, i.e. those providing products/services to clients, 
where the business units have to anticipate and manage risks at the operating level. 
The monitoring of risk is the second line, which is provided by the functions of risk 
management and compliance. These functions provide the oversight and the tools, 
systems and advice necessary to support the first line in identifying, managing and 
monitoring risks. Because of the specific nature of insurance, where the liabilities 
side of the balance sheet is more important, the actuarial function is added to this 
line.’ The third line is provided by the internal audit function. This function pro- 
vides an independent review that the risk management, internal control and actuarial 
function framework is working as designed. 

The three lines model has been challenged promoting four lines of defence, five 
lines of defence or the integrated lines of defence.** An analysis of criticism and a 
discussion on the most efficient defence model for insurance undertakings is outside 
the scope of this essay. 

Nonetheless, the legal framework introduced under Solvency II sets forth the 
insurance undertakings must establish information systems that produce complete, 
reliable, clear, consistent, timely and relevant information concerning the business 
activities, the commitments assumed and the risks to which the undertaking is 
exposed,” and ensure that all personnel is aware of the procedures for the proper 
carrying out of their responsibilities.” To that end, the risk management function 
includes the tasks of assisting the AMSB (and other functions in the effective 
operation of the risk management system)’ and monitoring the risk management 


5! See Van Hulle (2019), p. 408. 


x IA, IIA’s Three Lines Model. An Update of the Three Lines of Defense, June 2020 available at 
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system and the general risk profile of the undertaking as a whole." The AMSB has 
the ultimate responsibility for ensuring the effectiveness of the risk management 
system.” Such responsibility means ensuring that there is a coordinated and inte- 
grated approach to the risk management system and a common ‘risk language’ with 
the right tone from the top.°° Business units are, therefore, the first line of defence 
within the risk management system introduced under Solvency II. These units are 
embedded in the risk management system being requested to deal with the risks 
inherent to their functions. The risk management function must support the business 
units by providing them with the tools that are pertinent to the management of these 
risks. 

Since the ultimate responsibility of the risk management system lies on the 
AMSB, the latter should not rely solely on the support provided by the risk 
management function to the business units. The AMSB must play an active role in 
promoting and monitoring the implementation of risk culture across the company. 
This statement is in line with the Insurance Core Principles (ICPs) issued by the 
International Association of Insurance Supervisors (IAIS). The ICP 8 refers to Risk 
Management and Internal Controls and provides that the risk management function 
must be capable of assisting the insurer to promote and sustain a sound risk culture 
(see Standard 8.1.). The reference to the capability of ‘assisting’ the insurer should 
exclude that the risk function has the specific task and the related liability to promote 
the risk culture. This conclusion opens up the other research question consisting of 
how the AMSB can assess the performances of the head of the risk management 
function. 


4 Identifying Risk and Managing It 


A starting point for addressing risk should be the understanding of what is consid- 
ered as a risk in the context of the undertaking and the direct and indirect effects over 
its objectives. Risk is a multifaceted concept, and its identification requires complex 
approaches that are often misunderstood. The consequence is, that decisions are 
based on limited perception rather than the full value and meaning of what risk is, as 
a result, the way it is being tackled is incorrect. Moreover, individuals do not 
embrace the full multifaceted nature of risk.°! Regulators impose on directors and 
individuals, norms and checklists, overuse, or misinterpret the value of models, 
simulations and templates; thereby reducing responsibility and capability for inno- 
vative decision-making. At the same time, the wider use of technology and rules 


58 See Article 269(1) let. b) and c), Commission Delegated Regulation (EU) 2015/35 of 10 October 
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reduces the critical thinking of directors and individuals. We advance the automation 
process by building robots that follow protocols and forget about the part of risk 
assessment that cannot be programmed. Therefore, before the risk management 
process can start, one needs to define, understand and communicate the objective, 
then determine the risks that can affect this objective and identify the controls in 
place. Regulations and respective guidelines to define this process but forget to 
address the meaning and context of risk.°* The framework introduced under Sol- 
vency II mentions that we need to address, Market Risk, Settlement Risk, Liquidity 
Risk, Credit Risk, Interest Rate Risk, Model Risk and any other Business Risk, 
etc., and it does go into great detail on how to address these risks and their 
definition but there is no mention of the definition of risk itself. That is, when risk 
is a risk or risk is not a risk.“ 

Although there are various definitions of risk, the best working definition is that 
of ‘uncertainty that matters because it can affect one or more objectives’.©° This can 
be simplified into two ingredients ‘Uncertainty’ and ‘Materiality’.°° This should be 
the main guideline provided by regulators to AMSB.°’ In fact, in risk management, 
we look at three forms of knowledge and non-knowledge associated with risk, which 
need to be understood. Known (K) risk, the Unknown (u) risk and the unknowable 
(U) risk. The first type of risk (K) can be measured, and any disruption forecasted 
and may be established from prior experience, are understood and appreciated. 
These events are normally a result of incompetence. The second type (u) are the 
most commonly encountered situations, but the extent and full implications remain 
unclear due to the lack of judgment. These events may be quantifiable, but the time 
of occurrence is unknown. They are events where the location, timing and extent of 
the event are difficult to quantify. The third type of risk (U) are events that are 
difficult, if not impossible, to model due to lack of knowledge in hand. To manage 
unknowable risks, companies should ensure business processes remain flexible, 
ensuring variable costs, and diversifying across products and markets whenever 
possible. This type of uncertainty is quantifiable by using simulators that make 
what is implicit explicit, but there is no availability of data.°* 

Regulations are there to guide and trigger thinking. However, the thinking needs 
to be done at the level of the undertaking; where it is expected that the personnel and 
the directors are well equipped with knowledge and experience that enables them to 
determine objectives and risk-taking that are in line with the appetite and tolerance of 
the stakeholders/shareholders and that this is communicated appropriately down, up 
and across the undertaking. Regulators must not do the mistake of micro-managing 


©? PricewaterhouseCoopers (PWC) (2019), p. 5. 
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undertakings by imposing authorisation judgements on who is appropriate or 
authorised for specific positions, and what and how to address risk. This responsi- 
bility should remain the onus of the AMSB.°? 

As noted above regulations require that an insurance undertaking has a risk 
management function and employs a risk manager or risk team to carry out the 
day-to-day responsibility of this function on behalf of the directors. Regulations 
offer a framework through Solvency II and the respective ORSA to address risk in an 
insurance undertaking, but this is far from solving the problem of ensuring that this 
responsibility is carried out appropriately. The risk manager is a regulator-approved/ 
authorised position and in some cases can also fall under the responsibility of a Risk 
Committee, but the ultimate responsibility is always that of the AMSB. Therefore, 
the determination of whether the function and the personnel are appropriate is that of 
the AMSB. However, there is no clear-cut answer to this question, and many a time 
the reliance is based on the suggestions of advisors built from their understanding of 
what the regulator would accept as a person’s qualifications and experience. Besides, 
unless on the AMSB there is someone who understands the need for risk manage- 
ment, the function becomes perfunctory and bottom-up, with little feedback and 
challenge, or on the other hand, it can take the opposite scenario of challenging the 
wrong things. 

The problem is that risk management is not considered as a profession in its own 
right, and education, experience, associations, institutes and standards are vast. The 
only common requirement in the case of insurance undertakings is Solvency II and 
the guidelines and rules that form around it. Regulatory authorisation requirements”? 
do not distinguish between qualifications that are focussed mainly on monitoring or 
setting up policies and procedures, those that are focussed on measurement and 
statistical models, those that are focussed on monitoring, and those that are focussed 
on management. That is, a Director who takes on any type of corporate position such 
as Risk Manager, Internal Auditor, Compliance Officer, MLRO, Valuation Officer, 
Portfolio Manager, or sits on some committees, needs to obtain authorisation from 
the regulator—one needs to prepare a Personal Questionnaire and then obtain 
authorisation by the regulator. This is a requirement of the licence application and 
ongoing procedure.’! 

A complete risk manager should have all these skills; that is, (1) understanding 
models and their assumptions, (2) ability to document procedures, standards and 
policies to ensure they are within the appetite of the undertaking’s stakeholders 
(3) ability to communicate up and down and across the undertaking, (4) ability to 
understand and advise on risks and (5) ability to lead and manage proactively to 
ensure continuity.’ 


© See Grima (2017), pp. 60 ff. 
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To ensure this, the AMSB needs to have a wide-angle scan of these needs and 
before recruiting ensure that the risk function has players that can offer these 
assurances or put in a structure that can ensure this is happening within the risk 
management function. Risk management is not about one person or more taking up 
that position but about the whole team of employees working together to achieve the 
objectives. It is about communication and acceptance of objectives and the determi- 
nation or ‘buy-in’ of everyone to achieve them. 

Unfortunately, the absence of this profession and the potential lack of people with 
this skillset in some Member States leads directors to look at other professions to fill 
this profession, such as economists, lawyers and accountants who might have taken 
a short course and a few years of on-the-job training. Even with training, most of the 
time, their mind-set is either on models and model building or financial or 
policymaking but lack the management skills and the ability to innovate.” 

It is important to note this since it explains why the mistake is being done— 
people with the wrong skillsets are asking and teaching people to have the wrong 
skillsets. That is, to replicate themselves. That is, ‘what goes in goes out’. One is 
addressing a new area with the eyes of an old skill/profession, which to such an 
extent is reactive. If these professions are to understand and address the problem they 
need to open up to the wider context and think outside their comfort zone or else we 
will continue to face the same issues we face today—may be a more modern version 
of the same problems. Similar cases with similar governance issues causing failure or 
large losses but using more modern techniques. ”* 

It should also be noted that the lack of adequate professionalism in risk manage- 
ment is not a matter inherent only to the responsibility of the AMSB towards the 
supervisory authority of the Member State in which the insurer is based. In the case 
of cross-border operations, the lack of professionalism of the risk manager could 
jeopardise compliance with the obligations undertaken by the insurer towards 
policyholders in the host Member State. 

We believe that ultimately, risk management is about character and culture and 
the AMSB can only fully understand, determine and recognise the fitness and 
properness of a risk management function if common explicit standards are deter- 
mining the skillsets of the risk manager by embedding this into a profession. 
Regulations only talk about the function of the risk manager but forget the skillset 
or are—as noted above—incorrectly filling this gap with the wrong skillsets.’° 
Skillsets that look only at education and forget the other necessary characteristics 
necessary to reach objectives such as an aligned appetite and tolerance and a 
common culture. Maybe, this is also, because authorisation/approval, is determined 
by persons who do not have enough knowledge of what this skillset should 
be. However, the AMSB does not define and understand what risk is and base 
their knowledge on regulators, who give them a recipe of what to look out for—so 
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75 See Grima and Bezzina (2021), in press. 
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they do not use their minds to think but satisfice and do what they are told. However, 
the regulator himself/herself does not know how to determine risk because s/he does 
not have the correct skillset to do so and there is no one singled out profession, which 
can be identifiable in law as a risk profession, similarly to other professions.’° 

It is not surprising that most persons working in a risk function do not know how 
to define risk, let alone how to manage it.” Defining the role of the Risk Manager in 
law as a separate focussed profession would strengthen the profession, by 
standardising the training and knowledge requirements, the required responsibilities, 
and thereby the skillset required, putting them on the same level as other professions 
even in the eyes of the regulators. 

Regulations should be there to reach objectives without hiccups—however if the 
objectives are incorrect because they are addressing different objectives. Lawyers 
have one perception of what is risk and what are the objectives, Accountants have 
another, Economists have another, and they are the people addressing the require- 
ments and drafting regulations—these people are all reactive by nature. Therefore, 
where is the Risk Managers’ skillset in all this, where is the proactivity?’* You do 
not address a risk after it happens, because if you know about it because it happened 
before, you can manage it, and therefore as noted above it is not a risk. For example, 
the underwriter takes risks he understands a calculated risk to make a profit. The 
other party who does not want can manage it.”” 

However, Solvency II is driving changes in insurance undertakings, that is, from 
the AMSB through to wider organisation. For directors, and particularly 
non-executive directors, this means getting closer to the business. Has the industry 
(regulators and educators) understood that what was good a few years ago is now 
day irrelevant? The directors must be simultaneously entrepreneurial and drive the 
business forward while keeping it under prudent control. Apart from the education, 
character, experience and charisma of the individual member, one needs to deter- 
mine how these fit in as a team and this cannot be something determined by 
regulations or micro-managed by the regulator.*° 

Solvency II makes it clear that the AMSB is not able to delegate its responsibil- 
ities, and individual directors! must be able to explain the decisions taken by the 
undertaking. The corollary of their position is that the existence and requirement of 
having a risk management function demands the board to have risk expertise; 
therefore, requiring expertise at the board level in every area or function within the 
undertaking. 

These obligations are creating tension and challenges within undertakings, put- 
ting a lot of stress on the directors. Therefore, in our opinion, there is a need for a risk 


7©See Grima and Bezzina (2018), pp. 3 ff. 

77 See Girlando (2021), in press. 

78 See Grima and Thalassinos (2020b), pp. 121 ff. 
7° See Hillson (2018), p. 7. 

80 See Baldacchino et al. (2020), p. 6. 

81 See Solvency II Wire Data (2011). 
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management profession and for expanding the directors’ skillset. This should com- 
pile all standards and frame the understanding of their expected function and skillset 
as already mentioned above.** Without this, the AMSB is at the mercy of the 
regulators and the knowledge, character and experience of the person leading the 
risk management function. Whether s/he is fit and proper or not is another question. 


5 Importance of Performing and Communicating a Risk 
Culture Diagnostic 


Inappropriate risky behaviour beyond the appetite of stakeholders can destroy the 
reputation, value and the undertaking.*? This is why processes and oversight struc- 
tures to control the level of variability from this appetite is so important. However, 
unfortunately, regulations and directors forget or ignore the attitudes and behaviour 
of decision-makers and the reasons why they make specific decisions. Shaping the 
risk culture, maybe through policies, procedures, standards, and communications 
ensure that business risks such as reputation and strategy are managed appropri- 
ately.** Both are important since reputation and following an inappropriate strategy 
can destroy an undertaking. Regulations do focus on the risk management function 
on this risk and do point out that these risks need to be addressed appropriately and 
processes and policies documented and structured appropriately. Regulators, to a 
certain extent, do micromanage this during onsite visits.*° 

If the AMSB makes risk culture diagnostics a priority, then there is quicker buy-in 
throughout the undertaking. There needs to be soliciting of views from employees 
with a message that management believes in the empowerment of all members and 
that this is a priority. Objectives should be clear and the focus of all. Communication 
of the risk culture should be a priority on the leadership agenda, and lack of 
awareness, indifference or disregard for this should not be tolerated. 

Humans are very sensitive to signals arising from how an organisation reacts and 
behaves. If ignoring limits, failure to complete risk reports, or disregard for processes 
is tolerated and not identified, monitored and corrected, then the undertaking risks 
perpetuating a cavalier attitude to risk and control throughout the undertaking.*° 

In some cases, it has been difficult to engage with the AMSB on risk management 
as the focus is often on the technical details around risk measurement. However, the 
results of the diagnostic should be visual and qualitative, making it easily commu- 
nicated and, hence, encouraging engagement. That is, to ensure that risk manage- 
ment is not lost in translation and that uncertainties are documented, communicated 


®? See Grima and Bezzina (2018), pp. 3ff. 

83 See International Finance Corporation (IFC) (2015), p. 64. 
84 Bonime-Blanc and Ponzi (2016), pp. 16 ff. 

85 See Dalli Gonzi (2019), pp. 113 ff. 

86 See Doff (2008), p. 205 f. 


40 P. Marano and S. Grima 


and addressed efficiently and in line with the appetite set at the strategy stage.*’ 
Benchmarking also provides the context of the results of similar undertakings. The 
better-informed one is about what others are doing, the better one is at designing a 
gap analysis for decision-making.** 

All results, findings and discussions need to be analysed at various levels, 
depending on data capture, and used to identify ‘red flags’ needing remedial action 
whether this is by business unit or function. Tools used for reporting and addressing 
risk should be user-friendly and enable personnel to engage in understanding risk 
culture in their part of the undertaking and encourage constructive dialogue on 
improvement. However, for this to hold, employees must feel secure to answer 
truthfully and this is best achieved if this is coming from the top and communicated 
well.” 

Solvency II, if interpreted well, does promote all this. However, many undertak- 
ings are still not recognising the need to improve governance, as this is a change in 
mentality and may relate to an overhaul of the system of governance, the need to 
invest, and a change in mentality. Therefore, sometimes even because of the lack of 
proportionate in the approach and the enforcement of the requirements, Solvency II 
is seen as a perfunctory function and not as a competitive edge. 

Relying on processes and formalised controls will not be enough to give the 
confidence that an organisation is capable of state-of-the-art risk management. There 
will always be ways to circumvent the models, systems and controls as we see from 
some of the cases found in the literature, such as those of Long Term Capital 
Management, Barings Bank, Societé General and many others.”” It is, therefore, 
necessary for the AMSB to encourage a strong risk culture where employees are 
risk-aware, understand the consequences of their decisions, and are confident to raise 
objections when necessary. Unfortunately, there is no hard and fast rule or fixed 
methodology to ensure this and the AMSB has the task of putting in measurable and 
realistic objectives with the help of the risk manager, which recognise uncertainties 
and ensuring that these are addressed responsibly and with integrity. 

That is: 


e Objectives must be stated, and achievements measured. 

e Information related to the achievement of objectives should accurately present the 
facts. 

e The objectives should be updated regularly, ongoing and sustainable. 

e Uncertainty about the future should address both dangers and rewards. 

e Being wrong should be acceptable but must be communicated and addressed 
thoughtfully and rigorously. 


87 Kruf (2019), pp. 24 ff. 

88 Kruf (2019), pp. 27 ff. 

8° See Bondesson (2011), p. 22 f. 
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Regulations, Ethics and Standards 
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2 


Governance Management and Structures 


Risk Management 


Fig. 1 The risk management system (Source: Authors’ own compilation) 


e Mandatory and voluntary promises must be maintained, measured, monitored and 
oj 
ensured. 


Risk culture is not static and should be actively challenged to encourage contin- 
uous improvement. This cycle must be continuously improving by allowing man- 
agement to benchmark against other undertakings, track own performance over time 
and provide results at a sufficiently granular level so that remedial action can be 
applied. Although change does not happen overnight, Solvency II is an opportunity 
to improve the risk culture within insurance undertakings. However, to do that, 
insurers need to grasp this opportunity and understand that risk management system 
is not only one person, but it is a system, that is the result of many other functions 
working together to reach common objectives with the least hiccups in a sustainable 
manner” (vide Fig. 1). 

Moreover, one needs to consider the starting point of the undertaking and 
proportionality when determining the action to be taken to deciding on how to 


°! See Bondesson (2011), p. 41 f. 
°? See Krivkovich and Cindy (2013), pp. Lff. 
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ensure a culture change.” This since, although, the above list is generalisable, not all 
actions may be applicable, and some circumstances might require a different 
address.”* 


6 Conclusion 


Solvency II does provide methodologies, guidelines, and suggestions to measure, 
monitor, and manage risks. However, these can misguide directors into believing 
that these are exhaustive, and following these requirements will ensure that we are 
immune from trouble or danger of loss. As noted above, this is not the case. Far from 
it, the AMSB needs to understand the risk their undertaking is facing and impose 
ex-ante adequate and proportional methodologies to mitigate unwanted risks and 
monitor those risks that they are willing to take. 

To do this, the AMSB must understand the culture of the undertaking and its 
personnel to determine the adequacy to meet objectives. Adequacy in terms of 
character, education and experience. That is the fitness and properness of the team. 
Although this task is sometimes delegated to the Human Resource Manager, the 
AMSSB has to have a full view of the delegated task.” 

Another important task should be that of ensuring that all policies and procedures 
are documented and reviewed periodically and in line with the strategy of the 
undertaking. Everything needs to focus on the objectives and appetite and tolerance 
of the stakeholders and within the mandatory regulatory parameters. 

Once these are complete, the communication lines should be addressed to ensure 
that any risk, variance from the appetite, and tolerance are communicated to the 
AMSB in a time and through the set communication channels depending on the 
importance/materiality as decided by the AMSB. Any noise suppressing this com- 
munication, such as internal politics should be tackled immediately and stopped. 

This shows the importance of having a governance structure with internal con- 
trols that are proportional to the size and responsibility of the undertaking, based on 
the licensable activity it is providing. Although the chosen persons are important and 
their experience and qualifications are important factors in ensuring the adequacy of 
the governance structure to meet objectives set, it is the way they fit together and 
their buy-in to the project and objective to ensure the appropriate communication, 
integrity, responsibility and sustainability of the set objectives of the undertaking.”° 

The makeup of the AMSB might well need to change with at least one person 
with risk management and knowledge of internal controls. However, such senior 
people are in short supply, and it is doubtful there are many of them in some Member 


?3 See Grima and Thalassinos (2020b), pp. 120 ff. 
4 See Grima (2019), p. 223. 
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States, where Risk officers with knowledge and experience on financial modelling, 
regulations and internal controls within the insurance industry, is less developed and 
the number of suitably qualified senior staff is low. As noted, this lack of profes- 
sionalism in one Member State risks spreading to other States in the case of cross- 
border activity of the insurer concerned. 

The solution for having an appropriate and effective AMSB is not something that 
can be developed overnight just by implementing regulations, but one needs to take a 
deeper look at the environment and the developments required to arrive at such. 
Education plays an important part in all this, and regulation needs to push in that 
direction to ensure that this is brought in line with the new needs; coupled with 
driving, providing and setting of a European professional status (embedded in the 
law) for these new skillsets. Moreover, national regulators need to be put in a 
position to apply the principle of proportionality without fear. Until this is achieved, 
directors, risk managers and regulators will continue to doubt whether what they are 
doing is enough and in line with requirements, and fear and confusion will continue 
to reign. 
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Abstract This chapter is devoted to the role and significance of the compliance 
function in an insurance undertaking. This chapter presents selected models of 
compliance functions in European insurance undertakings. The main assumption 
of the chapter was an attempt to determine the importance of the compliance 
function in the process of managing the risk of non-compliance by means of the 
functioning and organisation of this unit within the structures of an insurance 
undertaking. 


1 Introduction 


The systematic increase of legal and supervisory requirements imposed on financial 
institutions, including insurance undertakings, results in a proportionate increase in 
their exposure to the risk of financial and non-financial losses due to expectations of 
supervisory bodies and violations of certain legal obligations. The risk of 
non-compliance in financial institutions should be defined as the risk of failure to 
comply with applicable law, internal regulations and accepted standards of conduct. ' 
The above definition was adopted by the Polish Financial Supervision Authority 
(KNF) in Resolution No. 258/2011 of 4 October 2011 with regard to the banking 
sector.” However, it seems to have a universal character, applicable also to other 
financial institutions. In the case of non-compliance, the infringer incurs financial 
sanctions and can lose its reputation and credibility. 


! Cichy (2015), pp. 7-8. 
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Conducting business activity in accordance with applicable laws, internal regu- 
lations and supervisory expectations is undoubtedly part of what makes up safe, 
stable and prudent governance of an insurance undertaking. The legislators qualify 
the compliance function in the insurance undertaking as a key function which is a 
part of the insurance undertaking’s governance system. There is no doubt that, with 
an increasing number of regulations, the role and significance of the compliance 
function in the insurance market will systematically become more prominent, as was 
the case with more developed areas of the financial market. 

The aim of this chapter is to attempt to determine the importance of the compli- 
ance function in the process of managing the risk of non-compliance in an insurance 
undertaking through its functioning and organisation within the structures of insur- 
ance undertakings. The chapter was drawn up based on the literature discussing this 
subject matter and in the light of national and European regulations relating to the 
compliance function in an insurance undertaking. The chapter also considers the 
Polish supervisory expectations addressed to financial institutions, especially to in 
this respect. Considerations devoted to risk management process were also presented 
taking into account solutions applicable in banks.* 


2 The Compliance Function in an Insurance Undertaking 
in the Light of Polish and European Insurance Law 
and Polish Supervisory Practice 


2.1 European Insurance Law 


The compliance function in insurance undertakings was separated and shaped 
because of the entry into force of the Directive of 25 November 2009 on the 
taking-up and pursuit of the business of Insurance and Reinsurance (Solvency ID) 
(OJ EU L of 17 December 2009).* In the Recitals (No. 30) of Solvency II, the 
European legislator has clearly indicated that an insurance undertaking’s governance 
system includes the risk-management function, the internal audit function, the 
actuarial function and the compliance function. An effective system of governance 
is essential for proper management of insurance undertakings.” It is worth noting that 
ineffective internal control systems, of which compliance is an element, were 
significant fraud factors in banks.° In this context, it is worth pointing out that 
according to the de Larosiére High Level Group report on the future of financial 


3Hull (2011) and Iwanicz-Drozdowska (2017). 


‘Directive 2009/138/EC of the European Parliament and of the Council of 25 November 2009 on 
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supervision in the EU, corporate governance was among the most important ele- 
ments underlying the financial crisis.’ The management system of the insurance 
undertaking has been identified as crucial in the light of Solvency II, which states 
that “Some risks may only be properly addressed through governance requirements 
rather than through the quantitative requirements... An effective system of gover- 
nance is therefore essential for the adequate management of the insurance undertak- 
ing and for the regulatory system.” The report by Sharma et al. (2002) identified a 
causal relationship between undertakings that fail and those that are inherently 
vulnerable due to ‘underlying management weaknesses or operational weaknesses’. 
Good governance practices and strong risk management are therefore essential 
aspects of a prudential regulatory framework.’ 

The compliance function in the light of Solvency II is an element of the internal 
control system, which also includes administrative and accounting procedures, the 
organisation of internal control, appropriate reporting arrangements at all levels of 
the insurance undertaking. The compliance function itself, in accordance with 
Article 46(2) of Solvency II, includes advising the administrative, management or 
supervisory body on compliance with the laws, regulations and administrative pro- 
visions. It also allows for an assessment of the possible impact of any changes in the 
legal environment on the operations of the undertaking in question as well as the 
identification and assessment of compliance risk. 

The legal provisions and supervisory expectations impacting the shape of the 
compliance function in insurance undertakings include, most notably: 


e Commission Delegated Regulation (EU) 2015/35 of 10 October 2014 
supplementing Solvency II 

e European Insurance and Occupational Pensions Authority (EIOPA) guidelines on 
the governance of insurance undertaking 

e International standards for the conduct of insurance business activity and princi- 
ples of insurance supervision, issued by the International Association of Insur- 
ance Supervisors (IAIS) 

e ISO 19600:2014 


The international standards for the conduct of insurance business activity and 
principles of insurance supervision, issued by the International Association of 
Insurance Supervisors (IAIS), are among the noteworthy regulations impacting the 
shape of the compliance function in an insurance undertaking. In Guideline 8.4, the 
IAIS recommends that insurance undertakings should have an effective compliance 
system in place which is to support the insurer in meeting its legal and regulatory 
obligations and promote a culture of compliance. To fulfil the above-mentioned task, 
the management board should adopt a code of good practice which will serve as a 


7de Larosiére High Level Group (2009), Report on the future of financial supervision in the EU, 
Brussels. 


8Siri (2017), p. 132 and subsequent. 
° Swain and Swallow (2015), p. 145, available at http://www.bankofengland.co.uk/. 
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reference point for its activities, which are to comply with generally applicable law 
and accepted ethical standards. The guidelines also refer to the organisation of the 
compliance function within the structures of the insurance undertaking and the 
person in charge of that unit (the ‘Chief Compliance Officer’). The person appointed 
to supervise the compliance function should have direct access to the management 
board in order to keep it informed about: 


e the most important compliance risks associated with the business activity of the 
insurer and the measures taken to combat them 

e the assessment of how the various departments and units are meeting the stan- 
dards and compliance objectives 

e personal problems and conflicts of interest 

e fines and other disciplinary sanctions imposed by the competent authorities on the 
insurer or its employees 


The ISO 19600:2014 is certainly a benchmark for entrepreneurs who plan to 
implement the compliance function, including insurance undertakings. This standard 
specifies general requirements related to the development of compliance. The ISO 
standard is internationally applied, however in this sense should not be identified as a 
requirement to be met by entrepreneurs. Its scope includes recommendations related 
to the implementation, execution and development of the compliance function. It is 
based on the principles of good governance, proportionality, transparency and 
sustainability. The standard indicates that having an effective compliance function 
results in an organisation’s possibility to achieve the anticipated business objectives 
by complying with the law and accepted standards of conduct, as well as ethical 
standards. The primary task of an organisation in ensuring an effective compliance 
function is to identify all the requirements associated with its business activity. To 
that end, it is necessary to perform a self-assessment of the conducted business 
activity (nature of the activity, services or products provided). 


2.2 Polish Insurance Law and Supervisory Practice 


The compliance function in Polish insurance law has been clearly distinguished and 
developed in the structure of insurance undertakings following the European Parlia- 
ment’s adoption of Directive 2009/138/EC of 25 November 2009 on the taking-up 
and pursuit of the business of Insurance and Reinsurance (Solvency II) (OJ EU L of 
17 December 2009).'° This period was certainly a breakthrough for the development 
of the compliance function in insurance undertakings. Before the adoption of 
Solvency II, the compliance function was not fully separated and shaped on the 


'0Directive 2009/138/EC of the European Parliament and of the Council of 25 November 2009 on 
the taking-up and pursuit of the business of Insurance and Reinsurance (Solvency IL) (OJ EU L of 
17 December 2009). 
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Polish insurance market. At that time, the tasks of the compliance function were 
performed by the legal unit, the risk unit or the internal audit unit.'' This is essential 
for the proper governance of insurance undertakings.” 

The separation and shaping of the compliance function in the insurance under- 
takings took place because of the entry into force of Solvency II. Its final shape, from 
the perspective of insurance undertakings operating in Poland, was determined by 
the Act of 11 September 2015 on Insurance and Reinsurance Activity,’° which 
implemented Solvency II into Polish law. The above-mentioned regulations intro- 
duced an obligation to establish the compliance function in insurance undertakings 
from 1 January 2016. 

The role of the compliance unit is defined in Article 64(2) of the Act on Insurance 
and Reinsurance Activity. Pursuant to this provision, the compliance function 
covers: 


e advising the undertaking’s management and supervisory board on the compliance 
of conducting insurance or reinsurance business activity with the law 

e assessing the possible impact of any changes in the legal status on the undertak- 
ing’s operations 

e identifying and assessing the risk of non-compliance with laws, internal regula- 
tions and standards of conduct adopted by the undertaking 


At the same time, the compliance function has been qualified as an element of the 
insurance undertaking’s management system, in addition to the risk management 
function, the internal audit function and the actuarial function, whose combined task 
is to ensure proper and prudent management of the insurance undertaking. The 
person supervising the compliance function has been classified as a person playing 
a key role within the insurance undertaking. Such a qualification determines this 
person’s obligation to meet certain requirements such as: 


e having full legal capacity 

e having higher education obtained in Poland or obtained in another country, which 
constitutes higher education within the meaning of the relevant provisions of that 
country 

e not being convicted of an intentional crime or an intentional fiscal offence by way 
of a final court judgement 

e having the professional experience necessary to supervise the key function 

e guaranteeing that tasks are performed properly 


Of the above-mentioned requirements, the KNF attaches particular importance to 
the need for the person supervising the compliance function to have the professional 
experience necessary to perform this function and to guarantee due performance of 


11 Mrozowska-Bartkiewicz and Wnek (2016), p. 71. 
1? Preamble to Solvency II. 


13 Act of 11 September 2015 on Insurance and Reinsurance Activity (i.e. of 2018 item 999 as 
amended). 
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tasks. '* In the opinion of the supervisory authority, those criteria should be assessed 
in the light of the principle of proportionality, taking into account the scale and 
complexity of the activities of the insurance undertaking or the risks to which it is 
exposed, as well as some kind of projection of the functions of the person in question 
based on that person’s previous professional experience. In particular, an assessment 
of a person’s professional experience acquired hitherto, including any irregularities 
found in his or her area of responsibility. The supervisor is of the opinion that 
‘human actions are repetitive and, once a person has committed irregularities, the 
risk that they will be committed by that person in the future is significantly higher’. 
The question whether the candidate for the person supervising the compliance 
function meets the requirements is assessed not only by the statutory bodies of the 
insurance undertaking, i.e. the management board and the supervisory board, but 
also on the audit committee. In the opinion of the supervisor, these bodies should not 
only assess the candidate’s technical qualifications, but also determine whether the 
person in question has the ability to perform the compliance function independently. 
Each of the above-mentioned bodies of the insurance undertaking should actively 
assess the candidate and should not limit itself to an automatic acceptance of the 
candidate based on the management board’s recommendations. 

At this point it should be noted that the KNF’s recommendations do not constitute 
generally applicable law but are an expression of supervisory expectations directed 
at insurance or reinsurance undertakings with regard to their activities. Supervisory 
expectations are also expressed in the form of positions or communications 
addressed to a specific group of recipients. A supervisory recommendation itself 
constitutes an indication of what conduct of the insurance or reinsurance undertaking 
is approved by the supervisory authorities and hence will not be challenged by the 
KNF.' As a consequence, recommendations constitute an expression of the KNF’s 
perception of certain areas of an insurance undertaking’s business activity, and 
actions to the contrary of the supervised entity may, in situations specified in legal 
regulations, result in the initiation of supervisory activities.'° However, it should be 
emphasised that simple non-compliance of an insurance undertaking with a recom- 
mendation cannot constitute the basis for imposing supervisory sanctions by the 
KNF. A circumstance which constitutes grounds for the application of supervisory 
instruments by the KNF is violation of applicable provisions of law. However, it is 
possible that a specific recommendation adopts the content of a legal standard.'’ The 
Corporate Governance Principles for supervised institutions issued by the Polish 
Financial Supervision Authority should also be mentioned among the most notable 
provisions of law and supervisory expectations affecting the development of the 
compliance function in insurance undertakings. 


'SCommunication of 20 August 2018 on the role and importance of compliance functions by 
insurance and reinsurance undertakings. Available at: www.knf.gov.pl. 


'SWojno (2017). 
'6Wojno (2017). 
'TWojno (2017). 
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3 Organisation and Tasks of the Compliance Function 
in the Insurance Undertaking 


3.1 Tasks and Structure 


The provisions of law do not interfere in a detailed manner in how the compliance 
function is developed and operated in the organisational structure of the insurance 
undertaking. "S The existing legal requirements concerning the compliance function 
in insurance undertakings concentrate on essential aspects related to the exercise of 
that function, such as the obligation to establish compliance, a description of the role 
and tasks of that function and the criteria to be fulfilled by the person who is to 
supervise the exercising of that function.'? However, the obligation to establish a 
compliance function shall not entail the separation of that function from other key 
functions within the organisational structure of the insurance undertaking in accor- 
dance with EIOPA’s guidelines on the governance of the insurance undertaking.”° 
Nevertheless, considering the tasks and essence of individual key functions, it does 
not seem that the possible combining of these functions within one organisational 
structure could contribute to their greater effectiveness. Additionally, it is even 
impossible to combine some key functions of an insurance company in the light of 
the third line of defence concept, as in the case with the role of audit function.”! 

The detailed tasks for the compliance function in an insurance undertaking and 
the manner of their performance are specified in Article 270 of Commission Dele- 
gated Regulation (EU) No. 2015/35. In the light of this provision, the compliance 
function in the insurance undertaking: 


e establishes rules and a plan to ensure compliance with provisions of law: 


a) The principles on ensuring compliance specify the tasks, competences and 
reporting obligations assigned to the compliance function. 

b) The compliance plan describes the planned activities of the compliance 
function, which cover all relevant areas of insurance and reinsurance under- 
takings’ business activity and their exposure to non-compliance risk. 


e assesses the adequacy of measures adopted by the insurance or reinsurance 
undertaking to prevent non-compliance with provisions of law 


An insurance undertaking’s failure to establish the compliance function may be 
sanctioned by the Polish Financial Supervision Authority through supervisory 


18 Paś (2018), p. 87. 
19 Paś (2018), p. 87. 
?0 Siri (2017), p. 136 and subsequent. 


?1 CEIOPS, Advice to the European Commission on the Principle of Proportionality in the Solvency 
I Framework Directive proposal, CEIOPS-DOC-24/08, May 2008, available at https://eiopa. 
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measures specified in the Act on Insurance and Reinsurance Activity. The compli- 
ance structure of the insurance undertaking itself should be based on an appropriate 
and clear division of tasks which ensures an effective decision-making process, 
prevents conflicts of interest and provides an effective information system.” At the 
same time, in line with the principle of proportionality, the compliance system 
should be adequate to the nature, scale and complexity of the business activity of 
the insurance undertaking in question. A proportional compliance system should 
ensure its effective implementation.” 

When developing the compliance function in an insurance undertaking, it is also 
worth considering the KNF’s position of 20 August 2018 on the role and importance 
of the implementation of the compliance function by insurance and reinsurance 
undertakings.“ In the vision of the compliance function presented by the supervisor, 
the KNF draws attention to the fact that the core of this function consists in ensuring 
compliance with the broadly understood legal regulations, including regulations on 
the prevention of money laundering, personal data protection, as well as ensuring 
compliance with supervisory recommendations. Implementation of the statutory task 
of the compliance function, i.e. ensuring compliance with the law, should not 
interfere with any additional tasks carried out by that function, such as those related 
to the implementation and application of internal regulations which are in force in 
the capital group to which the insurance undertaking belongs. In the opinion of the 
supervisor, establishing a compliance unit in which tasks other than ensuring legal 
compliance are prioritised is unacceptable. Such prioritisation of tasks by a share- 
holder may be deemed as an unauthorised influence on the compliance function’s 
autonomy. 

The concept of function under Solvency II should be understood as an opportu- 
nity to undertake practical tasks.” In view of the above, the primary role of the 
compliance unit is to coordinate non-compliance risk management in a manner 
ensuring a level of risk acceptable from the perspective of the security of the 
insurance undertaking. As part of developing the compliance system in an insurance 
undertaking, consideration should also be given to its model, i.e. whether compli- 
ance should be part of the internal control system, as set out in Article 64(1) of the 
Act on Insurance and Reinsurance Activity, or whether compliance should be 
understood more broadly as part of the risk management system. In the Act on 
Insurance and Reinsurance Activity, the Polish legislator adopted the rule of sepa- 
rating the compliance function from the risk management function. However, the 
compliance function is classified differently by the Polish Financial Supervision 
Authority, which, in its Corporate Governance Principles for supervised institutions, 
does not determine whether this function is only an element of the internal control 


?2 Leśniak (2017). 

Leśniak (2017). 

?4 Communication of 20 August 2018 on the role and importance of compliance functions by 
insurance and reinsurance undertakings. Available at: www.knf.gov.pl. 

?5 Leśniak (2017). 
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system or whether it also includes a risk management system.” Thus, it seems that 
this way it leaves some freedom to financial institutions, including insurance under- 
takings, in how they choose to organise the compliance function within their internal 
structures. The above-mentioned concept of understanding the compliance system 
by financial supervision was also expressed in Resolution No. 258/2011 of the KNF 
addressed to the banking sector.” 

On the compliance unit’s place in an insurance undertaking’s organisational 
structure, certain supervisory expectations expressed both in the framework of the 
Corporate Governance Principles for supervised institutions and the positions of the 
KNF of 16 February 2016 on requirements for the governance system of an 
insurance/reinsurance undertaking and of 2 August 2018 on the role and importance 
of the compliance function of insurance and reinsurance undertakings should be 
mentioned.”* Pursuant to Article 47 of the Corporate Governance Principles, ‘1. The 
supervised institution should develop and implement an effective, efficient and 
independent function for ensuring the supervised institution’s compliance with 
laws and internal regulations and should take into account supervisory recommen- 
dations. 2. The compliance function should be organised in a manner guaranteeing 
the independent performance of tasks in this respect’. In view of the above, the 
Polish Financial Supervision Authority expects that financial institutions, including 
insurance undertakings, will develop the compliance function within their structures 
in a way ensuring its independence and effectiveness. 

The compliance function, as part of an insurance undertaking’s governance 
system, is also subject to a supervisory review by the BION. As part of the 
assessment of this field, the KNF verifies whether the compliance function 
implemented by the insurer is adequate to the nature, scale and complexity of the 
undertaking’s business activity and whether the insurer has ensured its integration 
into the undertaking’s organisational structure and decision-making processes. Fur- 
thermore, the KNF assesses whether the insurance undertaking carries out mitigation 
activities in the field of the compliance function, as declared.7° 

It is also worth mentioning that under the Corporate Governance Principles, the 
status of the head of the compliance unit equals that of the head of the internal audit 


26 Cichy (2015), pp. 7-8. 

?T Resolution of the Polish Financial Supervision Authority No. 258/2011 of 4 October 2011 on 
Detailed Principles of Functioning of the Risk Management System and Internal Control System 
and Detailed Conditions of Internal Capital Assessment by Banks and of Reviewing the Process of 
Internal Capital Assessment and Maintenance and the Principles of Determining the Policy on 
Variable Components of Remuneration of Persons Holding Managerial Positions at a Bank. 

?8 Positions of the Polish Financial Supervision Authority of 16 February 2016 on requirements for 
the system of governance of an insurance/reinsurance undertaking and of 2 August 2018 on the role 
and importance of the compliance function exercised by insurance and reinsurance undertakings. 
Available at: www.knf.gov.pl. 

°° Methodology for the Annual Supervisory Assessment and Examination (BION) for insurance and 
reinsurance undertakings (assessment for 2019), https://www.knf.gov.pl/knf/pl/komponenty/img/ 
Metodyka_BION_2019_70381.pdf. 
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unit. At the same time, the aforementioned persons should be able to communicate 
with the management board, supervisory board and the audit committee directly. 
Consequently, they should be able to report directly to these bodies. In the light of 
the Corporate Governance Principles, the KNF expects the head of the compliance 
unit as well as the head of the internal audit unit to participate in the meetings of the 
management and supervisory board or audit committee whenever issues related to 
the internal control system, internal audit function or compliance function are 
discussed. It should also be emphasised that under the Corporate Governance 
Principles, the appointment or dismissal of the head of the compliance unit takes 
place with the approval of the supervisory board or audit committee. In addition, it is 
worth mentioning that the insurance undertaking is obliged to inform the supervisory 
authority about changes in the position of the person supervising the compliance 
function within seven (7) days from the date of such a change. The KNF may also, 
by way of a decision, prohibit a person from supervising the compliance function if it 
has been determined that the person in question does not meet the requirements set 
out in the Act on Insurance and Reinsurance Activity. 

The KNF also expects that members of the management board will not combine 
their functions with supervision of other key functions, i.e. the compliance function, 
the risk management function, the internal audit function and the actuarial func- 
tion.” The KNF underlines the different nature of the duties imposed on the 
management board and the duties of the persons supervising other key functions 
in the insurance undertaking. In the opinion of the supervisory authority, the role of 
persons supervising other key functions, including the compliance function, is to 
provide advice and expertise to members of the management board. Similarly, 
EIOPA sees the role of supervisors with other key functions in line with the 
guidelines for an insurance company’s governance system which indicate that the 
AMSB interacts with the senior management and key functions holders—including 
the audit, compliance, actuarial and risk management—‘proactively requesting 


relevant information from them and challenging that information when necessary’.”! 


3.2 Responsibility for Irregularities of the Compliance 
Function 


In the light of the KNF’s position, irregularities of the compliance function give rise 
to liability on the part of both the persons supervising the performance of the key 
function and the president of the management board and other members of the 
management board. Possible sources of irregularities in the functioning of the 


3°Methodology for the Annual Supervisory Assessment and Examination (BION) for insurance and 
reinsurance undertakings (assessment for 2019), https://www.knf.gov.pl/knf/pl/komponenty/img/ 
Metodyka_BION_2019_70381.pdf. 
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compliance function include an inadequate organisational structure, an inefficiently 
organised management system, an incorrect organisational and risk management 
culture, flawed attitudes of the managers in the insurance undertaking or, finally, a 
lack of independence and objectivity in the functioning of the compliance function. 

There should be no doubt that the liability of the person supervising the compli- 
ance function, as well as that of the members of the management board of the 
insurance undertaking in connection with irregularities in the operation of that 
function is of an administrative and legal nature, which may be based on a breach 
of certain provisions of the Act on Insurance and Reinsurance Activity. Violation of 
provisions of law itself is one of the prerequisites for the KNF to apply the 
supervisory measures referred to in Article 362(1) of the Act on Insurance and 
Reinsurance Activity in connection with Article 362(2) (1) of the Act on Insurance 
and Reinsurance Activity. In the light of these provisions, one of the supervisory 
measures that the KNF is entitled to is the possibility to impose a financial penalty on 
a member of the management board if an insurance undertaking conducts business in 
violation of the law. 


3.3 Role of the Compliance Function 


When creating the compliance unit of an insurance undertaking, the following 
models can be adopted as a reference (analogous to those existing in banks*”): 


e A central model where responsibility for the entire compliance risk management 
process lies with the compliance unit, which cooperates with the other units of the 
insurance undertaking, including in particular business and operational units. It is 
directly subordinated to the management board of the insurance undertaking. 

e A hybrid model in which all units of the insurance undertaking are involved in the 
process of managing the risk of non-compliance. The compliance unit is in this 
case responsible for the comprehensive assurance of compliance and the com- 
prehensive process of managing the risk of non-compliance. In particular, it is 
reflected in the monitoring and verification of business units within the scope of 
their activities and reporting to the management board and supervisory board. 

e A distributed model in which the compliance function is performed by all units of 
the insurance undertaking. In this model, the compliance unit is only an interme- 
diary in the transmission of information to the management board or even 
becomes redundant. 


The choice of the compliance function model is at the discretion of the insurance 
undertaking. At the moment, there is no legal requirement for an insurance under- 
taking to adopt a specific compliance function model. however, when choosing a 
compliance function model, the insurance undertaking should apply the principle of 


32 Cichy (2015), p. 10. 
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proportionality. In line with that principle, the choice of the model should be 
appropriate to the nature, scale and complexity of the business activity of the 
insurance undertaking in question. 

Some guidelines on the model of the compliance function that should be in place 
in an insurance undertaking have been indicated by the KNF in the Corporate 
Governance Principles. In the light of Article 47(2) and Article 49 of those Princi- 
ples, the compliance unit should participate in the process of managing the risk of 
non-compliance. This role should focus more on coordinating the process itself, 
reporting to the supervisory board and the management board and providing exper- 
tise to these bodies.” In this context, it seems that a hybrid model is the supervisor’s 
preferred compliance function model. The above-mentioned position seems to be in 
line with the so-called three-line defence model adopted in Solvency II, in the line 
with which the compliance unit is the process owner for managing the risk of 
non-compliance and business and operational units are the owner of the risk itself. 
In keeping with the three-line defence model, the compliance function plays an 
advisory and coordinating role in the process of managing the risk of 
non-compliance through its monitoring and management. The role of the compliance 
function itself should not consist in accepting an identified non-compliance risk or in 
accepting it for the decision-making processes of business units or the Management 
Board.** In this context, the exertion of pressure on the compliance function through 
existing formal or informal mechanisms for this purpose should be criticised partic- 
ularly strongly.*° A key element in guaranteeing the independence of the compliance 
function is ensuring it is organised in a manner preventing it from influencing its 
employees with the possibility of having a detrimental effect on their employment 
situation.°*° 

The literature on the subject matter underlines that the compliance function 
should clearly indicate the boundary conditions which should not be exceeded by 
business and operational units.” At the same time, it should be stipulated that when 
an insurance undertaking creates the compliance function, the relevant legal require- 
ments and supervisory expectations with respect to that function should be consid- 
ered. At this point it should be pointed out that while in the case of legal 
requirements, the insurance undertaking is obliged to comply or otherwise face 
potential sanctions, in view of the supervisory expectations expressed in the form 
of positions or recommendations, the undertaking has a certain degree of discretion 
in their implementation based on the “comply or explain’ principle. Consequently, 


3 Cichy (2015), p. 12. 

4Communication of 20 August 2018 on the role and importance of compliance functions by 
insurance and reinsurance undertakings. Available at: www.knf.gov.pl. 
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when establishing the compliance function, an insurance undertaking may, based on 

the principle of proportionality, decide to organise that function differently than 

recommended by the supervisory authority, provided that it is justified by the nature, 
scale and business activity of the undertaking. 

In relation to the characteristics of the compliance function, it should be stated 
that, in the light of Article 64(2) of the Act on Insurance and Reinsurance Activity, 
all legal regulations, including internal regulations, which affect or may affect the 
activity of an insurance undertaking should be of interest to that entity. In the context 
of the scope of the regulations that apply to the business activity of an insurance 
undertaking, it should be stated that the so-called hybrid model is the most optimal 
model for the implementation of the compliance function.** As indicated above, in 
this model, the compliance function is performed by all units of the insurance 
undertaking, and the compliance unit coordinates the compliance process and the 
process of managing the risk of non-compliance on the systemic level across the 
insurance undertaking. There is no doubt that the particular focus of an undertaking's 
compliance unit should lie primarily on the legal provisions strictly governing 
insurance activity and the regulations, the non-compliance of which generates the 
greatest risk. On the activity of insurance undertakings, these include the following 
areas:” 

e compliance of the undertaking’s business activity with the provisions of the 
Polish and EU law and recommendations of supervisory institutions and other 
entities which have impact on practices in force on financial markets 

e prevention of money laundering, terrorist financing, corruption and other abuses 
on the part of customers, employees and contractors, safeguarding of legally 
protected secrets 

e protection of confidential information and personal data, supervision of the 
confidential information flow 

e management of conflicts of interest 

e assurance that the company’s employees will follow the ethical code and relevant 
market practices 

e establishment of principles of ethical conduct when conducting an insurance 
activity 

e advertisement of insurance products 

e receipt of reports, investigation procedures, development of standards to protect 
employees who report irregularities (including whistle-blowers) 

e management of operational risk in the compliance area 

* contacts with supervisory authorities, including the distribution of the correspon- 
dence sent by that authority and replying to its enquiries 

e issues related to insurance outsourcing 


38 Rajewski (2018), p. 39. 
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e participation in the development of new business models or the creation of new 
products, taking into account the applicable regulations and appropriate 
communication 

e supervision of the policy related to the receipt and distribution of gifts by 
employees and the organisation of events participated of customers 

e training and information campaigns for employees in the field of compliance 
culture 


3.4 Selected Models of Compliance Functions in European 
Insurance Undertakings 


3.4.1 PZU Group 


According to the SFCR report for 2018 published by PZU SA,*° Compliance 
Department is responsible for shaping the PZU Group’s compliance system while 
ensuring its consistency across all levels within the PZU Group. PZU’s Compliance 
Department reports to the Company’s Management Board and Supervisory Board on 
all events occurring at the level of both PZU and the subsidiaries with which 
agreements on cooperation and exchange of information have been entered into. 
Recommendations issued by the Compliance Department at PZU as part of its 
activities and compliance analyses are subject to the monitoring process. In each 
PZU Group company, the compliance function is arranged based on uniform and 
consistent standards developed at the PZU level in consideration of the “proportion- 
ality principle’, that is while taking into account the scale and specific nature of the 
pertinent PZU Group company. The internal regulations in place delineate the extent 
and nature of activities of the compliance function, including regular reporting by the 
subsidiaries’ compliance units to PZU’s Compliance Department, and then by 
PZU’s Compliance Department to the PZU Management Board and Supervisory 
Board. This notwithstanding, the subsidiaries’ compliance units also report to their 
own management boards or supervisory boards. The compliance function in PZU 
Group companies is objective and independent. The most significant powers of 
PZU’s Compliance Department in compliance risk in the PZU Group are as follows: 


e analysing and participating in the process of deploying systemic solutions in all 
functional areas of PZU Group companies and ongoing business processes in 
terms of compliance risk 

e initiating and recommending changes in systemic solutions and analysed pro- 
cesses in place at PZU Group companies ensuing from compliance analyses 

e ensuring coordination and uniform solutions in deploying the compliance func- 
tion and managing compliance risk in the PZU Group 


4°SFCR report for 2018 published by PZU SA, available at: https://www.pzu.pl/relacje- 
inwestorskie/raporty ?queries %5BreportTypes%5D=solvency&queries %5Byear%5D=2019. 
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e consulting and cooperating with subsidiaries to ensure uniform solutions in 
deploying the compliance function in the PZU Group, fulfilling reporting obli- 
gations arising from the Supplementary Oversight Act and adopting a consistent 
approach of the PZU Group’s regulated subsidiaries to the preparation of 
responses to inquiries sent by the Polish Financial Supervision Authority system- 
ically to regulated entities 

e consulting and exchanging information with subsidiaries to ensure consistency in 
the process of compliance risk identification and assessment 

e conducting systemic compliance analyses in PZU Group companies based on 
internal regulations, cooperation agreements and policies 

e system-level reporting on compliance risk in the PZU Group 

e monitoring observance of the standards of conduct, including ethical standards, in 
consideration of the best practices adopted in PZU Group companies 


As part of the exchange of information and cooperation with subsidiaries in the 
compliance function, the PZU’s Compliance Department participates in the deploy- 
ment, in these companies, of uniform standards and key methodological solutions. 
The formal basis for cooperation in the compliance function is provided by agree- 
ments on cooperation and exchange of information and the provisions of the PZU 
Group’s Compliance Policy which define in detail the rules, extent and nature of 
such cooperation between PZU and its subsidiaries. 


3.4.2 Generali Group 


According to the SFCR report for 2018 published by Assicurazioni Generali S.p. 
A.,"" the compliance function has the responsibility to advice the Administrative, 
Management or Supervisory Body on compliance with laws, regulations, and 
administrative provisions, including those adopted pursuant to the Solvency II 
Directive for insurance and reinsurance Group companies. The compliance function 
also advice on other laws, regulations, and administrative provisions, including the 
Group Code of Conduct and Group policies. Moreover, the compliance function has 
the responsibility to assess the possible impact of any changes of in the legal 
environment on the operation of relevant Group company and to identify and assess 
the compliance risk, including the adequacy of the measures adopted to prevent 
non-compliance. 

Assicurazioni Generali S.p.A., in its capacity as parent company of the Generali 
Group, has adopted the ‘Group Compliance Management System Policy’ which 
includes the fundamental rules on how compliance must be embedded in the daily 
operations and how the compliance function must be implemented. In this respect, 


“ISFCR report for 2018 published by Assicurazioni Generali S.p.A. available at: https://www. 
generali.com/investors/reports-and-presentations/report-archive/SFCR-2018-Solvency-and-finan 
cial-condition-report. 
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the above-mentioned policy defines the operating model of the global compliance 
function across the Group. 

In particular, the core processes included under the compliance operating model 
are the following: 


e risk identification 

e risk evaluation 

e risk mitigation 

e risk monitoring 

e reporting and planning 


The risk identification process is aimed at ensuring that the requirements arising 
in connection with both the internal and the external regulations are identified and 
allocated under the responsibility of the relevant operational functions. 

The risk evaluation process is aimed at assessing, also under a forward-looking 
perspective, the risk which each Group company is exposed to and the level of 
adequacy of the internal control system to achieve its goals. The compliance 
function, together with the risk management function, performs and supports risk 
owners in risk assessment activities and ensures that Group methodologies are 
applied. 

The risk mitigation process aims at ensuring the adoption of all necessary for the 
correct implementation of the requirements set out by the internal and external 
regulations. In particular, the compliance function ensures that appropriate training 
programs for all employees are delivered on regular basis, internal regulations and 
procedures are defined and minimum standard for controls identified, in cooperation 
with the operational functions. 

The risk monitoring process aims at achieving an updated picture on the ability of 
the Group company to manage compliance risks. Such process consists in the 
collection and periodical analysis of specific data and indicators that ensure the 
effective deployment of such risk monitoring 

The reporting process aims at ensuring that appropriate information flows 
towards Senior Management and the Administrative, Management or Supervisory 
Body of each Group company are in place such a way as to allow these parties to 
make decisions that consider the level of exposure of the Group company to 
compliance risks and to assess the adequacy and effectiveness of their internal 
control systems to manage such risks. 


3.4.3 Allianz Group 


According to the SFCR report for 2018 published by Allianz Group,” key tasks and 
activities of the compliance function include: 


42 SFCR report for 2018 published by Allianz, available at: https://www.allianz.com/en/investor_ 
relations/results-reports/sfcr.html. 
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e Advising the Board of Management on compliance with laws, regulations, and 
regulatory requirements applicable to the Allianz Group (external requirements) 
as well as on the potential impact of material changes in the legal environment 

e Identifying and assessing compliance risk (risk of legal or regulatory sanctions, 
material financial losses, and/or reputational damages that Allianz SE or the 
Allianz Group might sustain as a result of non-compliance with external 
requirements 

e Monitoring of appropriate and effective internal procedures to ensure compliance 
with material external requirements applicable to the Allianz Group 

e Observing and analysing developments in the legal environment and evaluating 
the potential impact of material changes to the legal environment on the 
Allianz Group 


The compliance function reports to the Board of Management on current com- 
pliance issues as and when required, but at least once a year. 

The compliance function is a core component of the Allianz Group’s Internal 
Control System. Fulfilment of the compliance function’s duties is ensured by the 
compliance department of Allianz SE (Group Compliance). 


4 Management of the Risk of Non-Compliance 
in an Insurance Undertaking on the Example of Solutions 
Existing in Poland 


In the light of Article 50(2) of the Corporate Governance Principles issued by the 
Polish Financial Supervision Authority, the process of risk management in financial 
institutions consists of individual, interrelated activities. Similarly, the process was 
regulated in the Regulation of the Minister of Development and Finance of 6 March 
2017 on the risk management system and internal control system, remuneration 
policy and detailed estimation of internal capital in banks (Journal of Laws of 2017, 
item 637). At the same time, attention should be paid to supervisory expectations 
concerning the process of managing the risk of non-compliance in banks expressed 
in Recommendation H on the internal control system in banks. While these regula- 
tions and supervisory expectations are addressed to banks, they can provide a 
reference point for illustrating the model of the process of managing the 
non-compliance risk that may occur in insurance undertakings. In the light of Article 
37 (4)-(8) of the above-mentioned Regulations, responsibilities of the compliance 
unit include: 


e identification of the risk of non-compliance, in particular through the analysis of 
legal regulations, the bank’s internal regulations, market standards and the results 
of internal investigation procedures conducted by the compliance unit 

e assessment of the risk of non-compliance by measuring or estimating that risk 
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e development and implementation of mechanisms for controlling the risk of 
non-compliance based on an assessment of the risk of non-compliance 

e monitoring of the extent and profile of the risk of non-compliance following the 
application of mechanisms for controlling the risk of non-compliance 

e the periodic submission of reports on non-compliance risk to the management and 
supervisory board or audit committee, if the latter has been appointed 


4.1 Identification of the Risk of Non-Compliance 


The first component of the process of managing the risk of non-compliance is its 
identification. The purpose of this activity is to identify areas where the risk of 
non-compliance may occur. For this purpose, the compliance unit should have 
guaranteed access to relevant sources of information on the business activity and 
operational activities of the insurance undertaking. Only in this way will the com- 
pliance function be able to perform its tasks independently and objectively. This 
may be achieved, for example, through the participation of the compliance unit in the 
work on the implementation or modification of products offered by the insurance 
undertaking. In addition, the participation of the compliance unit in this process is 
required by the Polish Financial Supervision Authority in the light of the recom- 
mendations on the product management system. In line with Recommendation 
11, ‘the Undertaking should carry out detailed analyses of products before they are 
placed on the market and each time when there are changes in the target customer 
group or significant changes in products’. As part of product analyses, the insurance 
undertaking should carry out a qualitative analysis consisting of an assessment of 
compliance with the applicable laws, guidelines and recommendations of the super- 
visory authority and the internal regulations adopted by the Undertaking, an analysis 
of whether clauses that have been considered as prohibited contractual or analogous 
clauses are present in the products, as well as an analysis of potential risks associated 
with the product, including those relating to inadequacy of the premium offered by 
the undertaking. However, the process involved in changing or implementing the 
products offered by the undertaking should not be the only source of information on 
potential risks of non-compliance. In its Recommendation H on the internal control 
system in banks, the Polish Financial Supervision Authority also distinguishes the 
following basic sources of information which should be used in the identification of 
risk of non-compliance (in line with Recommendation 15.2): 


e changes in provisions of law, internal regulations and market standards 
e registers and documentation maintained by the bank (e.g. register of operational 
risk losses) 
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e information obtained from other organisational units as part of the performance of 
their duties, including in particular as part of their independent monitoring 
process 

e findings of the compliance unit made in connection with the ongoing verification 
and testing carried out by that unit 

e results of internal investigation procedures conducted by the compliance unit or 
other organisational units of the bank 

e irregularities identified by the bank in all three lines of defence 

e information from an anonymous infringement notification channel 

e arrangements resulting from supervisory activities performed by authorised insti- 
tutions (e.g. the KNF) and activities performed by other authorised institutions 
(e.g. Consumer Protection and Competition Office, Financial Ombudsman) 


4.2 Assessment of the Risk of Non-Compliance 


The second component of the process of managing the risk of non-compliance is risk 
assessment, also called risk analysis, measurement or estimation. Risk assessment is 
performed once a risk has been identified and consists in risk estimation.** Never- 
theless, the risk of non-compliance is a risk that is difficult to measure. Qualitative 
methods, consisting of expert risk measurement carried out by compliance officers, 
are crucial in risk assessment. This assessment results in the determination of the 
level of the identified risk (e.g. high, medium or low) based on an established 
procedure or methodology. In this sense, the assessment of the risk of 
non-compliance may consist in an estimation of the amount of financial and 
non-financial losses that an insurance undertaking may incur as a result of failure 
to meet those risks. These losses may result from fines imposed by regulators such as 
the Consumer Protection and Competition Office or the Polish Financial Supervision 
Authority. For example, in the case of an identified risk of non-compliance 
consisting in a potential breach of the collective interests of consumers, the amount 
of the penalty that the President of the Consumer Protection and Competition Office 
may impose if that risk occurs amounts to 10% of the turnover achieved in the 
financial year preceding the year in which the penalty is imposed. The above does 
not include to the losses that may arise from litigation with particular clients, as well 
as losses resulting from the loss of credibility among clients. The following methods 
should be distinguished as part of the assessment of the risk of non-compliance 
(in line with the KNF’s Recommendation 16.2 on the internal control system in 
banks): 


e self-assessment of risk 
e scenario analyses 


“4 Cichy (2015), p. 21. 
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analyses of regulatory gaps 
indicators of the risk of non-compliance 


4.3 Control of the Risk of Non-Compliance 


The use of risk mitigation mechanisms is the next step in the process of managing the 
risk of non-compliance. They have a preventive function. The purpose of the control 
mechanisms is to minimise the risk of non-compliance.*° In the light of Article 36 
(1) of the Regulation of the Minister of Development and Finance of 6 March 2017 
on the risk management system and internal control system, remuneration policy and 
detailed estimation of internal capital in banks, the following types of control 
mechanisms should be distinguished: 


procedures 

division of responsibilities 

authorisation, in particular the authorisation of financial and economic operations 
access control 

physical inspection 

process of recording financial and economic operations in accounting, reporting 
and operational systems 

stocktaking 

documentation of derogations 

performance indicators 

training 


The risk control mechanisms defined by the KNF in Recommendation H on the 


internal control system (Recommendation 7.2.) are also noteworthy: 


analysis of new products and services introduced to the bank’s offer 

analysis of modifications to these products and services and analysis of the sales 
processes of these products and services, in terms of compliance with provisions 
of law, internal regulations and market standards 

issuance of detailed guidelines by the compliance unit 

coordination of the process of informing about changes in laws, internal regula- 
tions and market standards 

participation in key implementation projects, in the context of ensuring compli- 
ance with the provisions of law, internal regulations and market standards 
(provided that the independence of the compliance unit in the testing process is 
not affected) 


*Cichy (2015), p. 21. 
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e performance or commissioning of training to the extent indicated by the 
compliance unit 
e determination of non-compliance risk indicators 


4.4 Risk Monitoring 


Monitoring of the identified and assessed risk of non-compliance aims to determine 
whether the applied risk mitigation mechanisms have reduced the risk likelihood and 
to determine whether the level of that risk is acceptable from the perspective of the 
adopted risk management strategy of the insurance undertaking. Risk monitoring 
should also be perceived as a control of prior stages of the process of managing the 
risk of non-compliance. The purpose of this activity is also to demonstrate to the 
management and supervisory board whether the level of risk of non-compliance is 
acceptable. The instruments for risk monitoring include the following:*© 


e compliance tests 

e surveys, including self-assessment surveys 

e evaluation of the maturity of the compliance model 

e performance indicators (e.g. the percentage of trained employees, processed 
customer complaints and requests, the pace of implementation and performance 
of internal recommendations and post-inspection recommendations of the 
supervisor) 


4.5 Reporting to the Management Board 
and the Supervisory Board 


Reporting constitutes the final element of the process of managing the risk of 
non-compliance. As part of this activity, the compliance unit should inform the 
management and supervisory board on a regular basis (monthly, quarterly and 
annually) and on an ad hoc basis (e.g. internal investigation procedures) of the 
level and profile of the risk of non-compliance within the insurance undertaking. 
At the same time, the reports should contain information on individual components 
of the process of managing the risk of non-compliance, including the identified risks 
of non-compliance, their assessment, the applied control mechanisms and the results 
of monitoring of those risks. To ensure transparency, it seems that cyclical reports 
should be provided to both the management and the supervisory board. 
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5 Conclusions 


The main assumption of the chapter was an attempt to determine the importance of 
the compliance function in the process of managing the risk of non-compliance by 
means of the functioning and organisation of this unit within the structures of an 
insurance undertaking. The aim of the compliance unit as well as of the process of 
managing the risk of non-compliance itself should be to reduce the risk by ensuring 
adequate mitigation actions. In this context, the role of compliance should be 
perceived not as a restriction of business development, but as an opportunity to 
prevent significant financial losses resulting from the materialisation of the risk of 
non-compliance. Effective implementation of the compliance function allows both 
operating and business units to make informed decisions on risk acceptance. This is 
of particular importance in an era of systematic growth of legal and supervisory 
requirements applicable to financial institutions, including the risks associated with 
the conduct of business and relationships with customers (conduct risk). This results 
in a proportionate increase in an insurance undertakings’ exposure to the risk of 
incurring significant financial and non-financial losses due to their violation of 
specific obligations. 

Given the above, it should be concluded that ensuring the compliance of an 
insurance undertaking’s business activity with applicable laws, internal regulations 
and supervisory expectations is undoubtedly part of safe, stable and prudent man- 
agement of an insurance undertaking. Conscious managing of the risk of 
non-compliance also helps to reduce reputational risk, which is particularly impor- 
tant for financial institutions which are to enjoy public trust. The organisation of 
compliance units is a matter of interest to the Polish Financial Supervision Authority, 
which draws attention to the fact that irregularities with regard to that function give 
rise to liability on the part of the person supervising that function as well as the 
members of the management board of the insurance undertaking. There is no doubt 
that, with increasing regulation, the role and importance of the compliance function 
in the insurance market will continue to increase systematically, as is the case with 
more developed fields of the financial market. 
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Abstract Outsourcing plays an important role in the operation of insurance and 
reinsurance companies. This article aims to define the legal conditions of insurance 
outsourcing and their evaluation by the author. The example of limiting the scope of 
outsourcing in the activities of insurance and reinsurance companies in the Polish 
law shows its specificity compared to other outsourcing in business. This specificity 
lies primarily in the need to control insurance outsourcing by the EU and national 
supervisory authorities. There is a tendency in the law to extend the regulations 
related to insurance outsourcing to the further performance of a process, service or 
activity by insurance companies, particularly in the field of cooperation of traditional 
distributors with Insurtech. The lack of legal regulations forces EIOPA to look for 
appropriate and effective legal solutions in the field of supervision over insurance 
outsourcing. This process is mainly based on self-regulation of the market through 
‘soft law’—this practice sets new tasks for the EU and national regulators. 


1 Introduction 


Despite certain legal restrictions of the objective scope of outsourced activities and 
liability of the insurance undertaking for the data provided within the framework of 
an outsourcing contract, such undertakings decide to outsource to external entities an 
increasing amount of activities. The EU legislator strives to adjust legislation to the 
evolving business reality, which is evident in the increasingly precise legal regimes 
of outsourcing, especially in EIOPA Guidelines. A major role in the process of 
concluding outsourcing agreements is played by supervisory authorities, which 
monitor the outsourcing process and anticipate possible negative results. 
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This study is a contribution intended to further investigations on outsourcing as 
well as subsequent research and discussion. It must be pointed out that many 
practically important questions, such as the relation between outsourcing and the 
regime of insurance secrecy or personal data protection, fall beyond the scope of this 
chapter. 


2 Definitions of Outsourcing 


The name outsourcing is a contraction of three English words: ‘outside resource 
using’—meaning the use of external resources.’ This is an institution very gladly 
used in the processes of managing enterprises and human resources, and in those 
areas it is generally understood as business strategy through which a part of work of 
a given organisation is delegated to external entities. For that purpose, there are 
exceptionally numerous publications on outsourcing in the area of management. I 
could not omit that thread, and many definitions which I present below were 
developed in sciences relating to management. 

In the European Union legislation, one can encounter legal definitions of the term 
‘outsourcing’. However, the Commission Directive 2006/73/EC of 10 August 2006 
implementing Directive 2004/39/EC of the European Parliament and of the Council 
as regards organisational requirements and operating conditions for investment firms 
and defined terms for the purposes of that Directive? and the Directive 2009/138/EC 
of the European Parliament and of the Council of 25 November 2009 on the taking- 
up and pursuit of the business of Insurance and Reinsurance (Solvency II),* which 
handle that issue, limit the objective scope of their definitions of outsourcing 
exclusively to contracts in which one of the parties is respectively: investment firm 
or insurance undertaking or reinsurance undertaking. Because of the clearly limited 
subjective scope of the definitions of outsourcing offered in the abovementioned 
legislative acts and their clearly sectional nature, defining the term ‘outsourcing’ 
only for the purpose of a specific regime, in this part of the considerations, I would 
like to point to a more universal definition of outsourcing, relating to business 
activity in general. 

Similarly, in the Polish legal system, there is no general definition of the term 
‘outsourcing’ even though that term appears on several occasions. In the Act on 
insurance and reinsurance activities, we can find a provision under which 
outsourcing means a ‘a contract between the insurance undertaking or reinsurance 
undertaking and the service provider under which the service provider performs a 
process, service or activity which would be otherwise performed by the insurance 


'Trocki (2001), p. 13; Juchno and Kaszubski (2001), p. 5. 
? Śliwa (2015), p. 39. 

3Dz.U.UE.L.2006.241.26. 

4Dz.U.UE.L.2009.335.1. 


Insurance Outsourcing: A Legal Analysis 73 


undertaking or reinsurance undertaking, including contracts under which the service 
provider delegates the performance of such process, service or activity to other 
entities through which the service provider performs the given process, service or 
activity’.° It can be easily noticed that the definition was drafted similarly to the 
abovementioned examples from European Union law and applies only to a narrow 
scope covered by the statutory framework of the Act. Consequently, it may not be 
treated as a general definition of outsourcing in the Polish legal system.° 

There is no single universal definition of outsourcing, therefore it seems neces- 
sary to outline its conceptions as developed in the literature of the subject (mainly 
economic sciences).’ Certain authors define outsourcing as taking advantage by an 
organisation—recipient of services—of services of an external service provider, 
from outside the ordering firm’s organisational structure. Such services are to consist 
in performance by the service provider of the ordering firm’s tasks on the latter’s 
behalf.* Other researchers are of the opinion that outsourcing means delegation, on 
contractual basis, of material, human or technological resources to another entity 
along with the transfer to that entity of decision-making competences corresponding 
to the delegated means.” 

In the widest sense, outsourcing is viewed as a restructuring project intended to 
bring more flexibility in the operation of an organisation by reducing the 
organisational structure through cutting down on the number of units, organisational 
positions or management levels, which relates to the ean management conception.'° 

Outsourcing may be approached as manifestation of business management. As a 
result of the development, progress and changes in market economy, entrepreneurs 
are searching for new management applications to increase their competitiveness, 
since competitiveness is a necessary precondition to the existence and development 
of businesses. Outsourcing is also a consequence of the progressing globalisation, 
whose scope covers all countries and societies and, directly or indirectly, relates to 
economic operators. An effect of the ongoing globalisation processes is a growth of 
competitiveness, more efficient operation of markets and improvement of con- 
sumers’ position.'! Enterprises approach the institution of outsourcing as a tool for 
the optimisation of their activities intended to achieve their strategic goals. In the 
light of the above, when an entrepreneur concentrates on its principal activity, in 
which it has a market advantage, the areas amounting to the entrepreneur’s auxiliary 


5 Art. 2(1) item 27 of the Act of 11 September 2015 on insurance and reinsurance activities 
(Dz. U. 2020, poz. 895, 1180). 


®Nowak (2008), pp. 357-358. 
7So, e.g. Domberger (1998) or Greaver (1999). 


8S0, e.g. Dominguez (2013), p. 27; Lei and Hitt (1995), p. 836; Grossmann and Helpman 
(2002), p. 115. 


° Greaver Jr (1999), p. 3. 
'ONadolna (2007), p. 200; Trocki (1999). 
"Kowalski (2008), p. 14. 
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or incidental objects are delegated outside. The rule of thumb is that the strong points 
of an enterprise must always remain within its organisation.’ 

When discussing insurance outsourcing, it is worth paying attention to offshoring 
(offshore outsourcing, international outsourcing). From the perspective of theory 
and practice of management, it consists in delegation of a part of services for 
rendition by foreign entities—in countries where labour costs are lower or intellec- 
tual capital resources are richer. In literature, it is indicated that this relates predom- 
inantly to business, IT and research and development services." In this respect, in 
the case of internationally operating insurance conglomerates, international 
outsourcing may apply. 

In insurance practice, there is sometimes a specific type of cooperation between 
insurers known as fronting. This is nothing more than full reinsurance, associated 
with the transfer of the entire insurance risk to the reinsurer. In practice, this means 
that the insurer only acts as a distributor of such insurance, while remaining a party 
to the concluded insurance contract and usually handling such insurance normally; 
however, the insurance risk is borne entirely by the reinsurer in a given case.'* 


3 Outsourcing Types 


According to the type of connections, we can distinguish capital and contractual 
outsourcing. In case of capital outsourcing, there are capital links between corporate 
partners. Capital outsourcing is one of possible methods of creating capital groups, 
consisting in severance from the parent company of a part of its activities and 
establishment a subsidiary with a view to its pursuance. On the other hand, contrac- 
tual outsourcing is the case when the ordering party and the service provider are not 
related in capital terms but are separate entities bound by a contract for the perfor- 
mance of specific activities. '° 

Outsourcing may also be divided according to its significance to the company. If 
the delegated activity provides benefits in a longer time perspective and its nature is 
of key importance to the enterprise, we can speak of strategic outsourcing. Decisions 
about its launch are made by top management, considering the critical success 
factors of the strategy’s implementation. If the timeframe is shorter and/or the 
significance of the delegated activities is lower, we have to do with tactical 
outsourcing. '® 

Another criterion of outsourcing’s division is the distinction according to the 
scope of the severed business function. On that basis, three types of activity may be 


12 Kłos (2009), p. 33. 

13 Ciesielska (2009), p. 21. 

14Czublun (2016), p. 5. See also: Jovanovic (2013), pp. 44-45. 
!5Trocki (1999), p. 37. 

'©Trocki (1999), p. 59. 
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distinguished: (1) core business, constituting the essence of an enterprise’s opera- 
tion. This is an area, within a company, which decides about the company’s 
competitive advantage and may be identified with the conception of key compe- 
tences; (2) auxiliary activities (core related business) comprising strategically essen- 
tial functions which are not of key importance to the organisation; (3) incidental 
activities (non-core related business), that is functions of little or minimum strategic 
importance. In commercial practice, the most commonly delegated functions are 
incidental and, to an increasing degree, auxiliary activities, which are not the 
company’s key asset.” 

In the 80s of the twentieth century, a rapid development of outsourcing started 
from delegating IT services to external entities. IT services were treated as support 
processes and most outsourcing contracts related to processes supporting the core 
activities: administration, logistics, purchases, etc. It was relatively late that business 
processes became implemented with the use of external entities. Following such 
sectoral division, one can distinguish between Information Technology Outsourcing 
(ITO) (St. Armant, 2010), consisting in the development of applications, mainte- 
nance of IT systems, manufacturing support, etc. The second rapidly growing type of 
outsourcing is Business Process Outsourcing (BPO) covering the operation of call- 
centres, management of human resources, accountancy, etc. (Deloite, 2013). From 
the technological point of view, outsourcing of technologies. In the opinion of 
Tower Group and FDIC (Federal Deposit Insurance Corporation, 2004), there are 
four different outsourcing models: direct captive (subsidiary company), joint ven- 
ture, direct service provider, indirect service provider (sub-outsourcer).'® 

Outsourcing may also be divided according to the scope of the delegated func- 
tions. Partial or selective outsourcing principally boils down to severance of a 
narrow area of the enterprise, leaving the rest inside the organisation. On the other 
hand, full or total outsourcing means that most areas of the enterprise organisation’s 
activity are outsourced to one or more providers for a period specified in the 
contract. !” 

According to the option of using external entities’ services home or abroad, 
national outsourcing and cross-border outsourcing can be distinguished. Cross- 
border outsourcing (transnational outsourcing, offshore outsourcing) is usually 
used by companies from highly developed countries and consists in the establish- 
ment of outsourcing cooperation with foreign economic organisations in developing 
countries which, due to lower costs, make attractive business partners. 


17 Kopczyński (2010), p. 14. 

18 Gołąb (2017), p. 164. 

19 Malarewicz-Jakubów and Tanajewska (2014), p. 236. 
Kłos (2009), p. 56. 
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4 Outsourcing Management 


Outsourcing is a complex conception and the discussion of the essence of that 
phenomenon on the borderline of economy and management calls for its wider 
presentation, allowing for multiple aspects, especially the following reasons for 
using outsourcing: (1) the ordering party’s decision whether to make or buy, 
(2) analysing on each occasion the main reasons for the outsourcing, (3) decision 
about the form of cooperation with a specific outsourcing partner.” 

Introduction of outsourcing as institution in economic practice calls for a 
dynamic, extended over time and procedural approach, allowing to take account of 
different conditions, particularly in management, economy and law, enabling to 
achieve the intended effects of reaching for external services.” 

When analysing particular stages of implementing outsourcing as an 
organisational solution in an enterprise, attention should be drawn to the fact that, 
as such, it is an interdisciplinary process, since its efficient implementation requires 
the use of different techniques and skills as well as different areas of expertise in law, 
organisation and management. Introduction of outsourcing is a strategic change for 
the enterprise, which is why outsourcing directly affects: strategy, organisational 
structure, economic and social conditions within the enterprise. Implementation of 
outsourcing in an enterprise allows to distinguish key phases and stages of the 
outsourcing process.” Management of the outsourcing process comprises at least 
the following stages: 


(1) designing (planning) outsourcing 

(2) choice of the outsourcing partner and signing the appropriate outsourcing 
agreement 

(3) management of performance of the outsourcing agreement and relations with the 
outsourcing partner until the end of cooperation” 


The first stage involves a preliminary analysis of the strategic conditions and 
assessment of liability of the enterprise’s specific areas to severance. This stage must 
include: the definition of the specific purposes of the outsourcing, analysis of costs 
and advantages of implementing that institution, analysis of chances and risks 
relating to the implementation of outsourcing. This phase relates to the enterprise’s 
strategic goals. It is also necessary to specify the scope of outsourcing and its role. 

The second phase is the phase of introducing the outsourcing, involving the 
stages of selecting and acquiring the appropriate partner and signing the agreement. 
The purpose of that phase is to guarantee internal order during the implementation of 
the outsourcing by preparing an implementation schedule. At this stage, the agree- 
ment is finally signed, governing: the organisation, rights and obligations of the 


21 Juchno and Kaszubski (2001), p. 5. 
2 Kopczyński (2010), p. 14. 

3 Matejun (2015), pp. 93-99. 
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parties and all other cooperation areas. Such agreement is the outsourcing contract. 
When preparing and signing that type of document, it must be remembered that often 
the success of an external servicing process depends both on the construction, scope 
and specificity of its clauses. Provisions of each outsourcing agreement should be 
specifically negotiated and cover all legal aspects. In the process of preparing 
outsourcing agreements, an enterprise may hire external consultants.” The last 
phase of implementation is the operative stage, in which organisational relations 
taking place in the enterprise are subject to modification, and cooperation is 
established with the external service provider. The operative process should also 
cover, in the first place, control and monitoring of the contract’s performance, the 
aim of which must be to ensure that the actual activities performed as a part of 
external servicing are in line with the planned activities. 


5 Legal Aspects of the Outsourcing Contract 


Presentation of the legal framework of outsourcing is not an easy task. The basic 
difficulty follows from the fact that, in truth, it is difficult to talk about the 
“outsourcing contract’ even though the term is in widespread use. A closer analysis 
of both outsourcing practice and literature of that subject points to the conclusion 
that outsourcing means, in the first place, a certain method of organising business 
activity, consisting in the discussed “delegation outside’ of a part of the enterprise’s 
activities. Therefore, outsourcing is more of a mechanism in economy and manage- 
ment than any specific legal construction. This type of mechanism may use diverse 
legal instruments.”° 

Outsourcing consists in the conclusion of a contract under which the ordering 
party delegates, as a part of the ordering party’s enterprise, specific services relating 
to the operation of the enterprise to an external entity, and the party undertaking to 
perform the services pledges to render them in exchange for remuneration. 

The contract which forms the legal basis for outsourcing is a commercial contract 
sensu stricto (business-to-business) since both contractual parties are entrepreneurs. 
By its nature, it is a consensual, bilaterally binding, non-gratuitous and mutual 
agreement. Its parties may be referred to as the delegating party and the outsourcer.” 

In principle, the outsourcing contract does not require any specific form, how- 
ever, the need for its written documentation may arise under the provisions on 
accounting or tax legislation. 

The outsourcing agreement belongs to the category of empirical contracts. These 
contracts are formed as a result of mass conclusion of agreements of similar, 
analogous content and usually have specific names reflecting their general nature. 


>> Sobińska (2001), p. 35. 
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Such contracts are governed directly by the norms on the general question of 
performing obligations and possibly, by analogia legis, by specific obligational 
law norms on nominate contracts insofar as one can speak of their similarity with 
those contracts. Currently, the operation of innominate contracts is a universal legal 
phenomenon.*® This means that it is possible to establish a legal construction of a 
contract which does not correspond to any of the statutory contract types, whose 
obligational framework may lead to effective performance of the contract’s subject. 
The possibility of forming such contracts strictly relates to the principle of free 
formation of contracts.*? The outsourcing contract (excluding, e.g., insurance 
outsourcing, as will be discussed in a further part of this study) is formed under 
the principle of the freedom of contract, which means that the parties concluding the 
contract may define the legal relationship in their discretion as far as its content or 
purpose is not contrary to the nature of the relationship, the law or the principles of 
social coexistence. 

From the point of view of the classical civil law classification, the outsourcing 
contract may assume different nature. As such, this construction fits into the group of 
contracts for the provision of services. In certain situations, this may be a mandate 
contract, however, more frequently it may be a contract for the provision of services 
otherwise not regulated. Generally, when we have to do with multiple services 
rendered by the outsourcer, the purposes of outsourcing may also be achieved by 
applying the construction of a contract for a specific work, just as the agency, 
carriage, forwarding or storage contracts. In practice, complex economic relations 
force the formation of complex mixed contracts, comprising elements of different 
legal relationships.°° 

In the context of the above, one must agree with the opinion of academic authors 
recognising outsourcing as a mechanism in the field of economy and economic 
processes, such as: business stimulation, optimum employment strategy, etc. On the 
other hand, it does not give rise or directly attach to any specific legal construction. 
In the preparation of outsourcing agreements, contracting parties use different 
obligational constructions to optimally adjust the legal terms to the economic 
requirements.°! 

Since it is impossible to unambiguously indicate the contract type forming the 
basis for outsourcing, the final spectrum of the parties’ rights and obligations will 
depend on the final shape of the contract and understanding between the parties. 
Unless otherwise provided in the agreement, the rules on specific contracts type will 
come into play. The fact that, in a particular case, a given contract type becomes the 
basis for outsourcing has no principal importance from the point of view of the 
abovementioned rights and obligations. The principles of good faith and trust may, 


?8 In Polish law, the term innominate contract refers to contracts without a legal regime, which may 
be concluded according to the principle of free contract conclusion. 
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however, affect the performance of the parties’ obligations if they have both 
contemplated that a specific contractual agreement has the economic purpose of 
outsourcing.” 

Based on the analysis of outsourcing contracts concluded in the ordinary course 
of trade, one can distinguish the principal elements of that contract, i.e.: specification 
of the scope of works, agreement as to the level of the rendered service, remuner- 
ation, term of the agreement, terms of managing the process, rules on intellectual 
property, sectoral provisions, terms of terminating the contract, rules on subcontrac- 
tors and court jurisdiction to resolve disputes.** 

In the outsourcing practice, an essential legal problem is protection of business 
secrets. In response to that question, it must be concluded that there are no specific 
rules governing outsourcing from that point of view. Consequently, the general rules 
on the protection of business secrets should apply. It must be reminded that business 
secrets may be protected by: (1) the duty of so-called professional secrecy; (2) rules 
on combatting unfair competition; (3) special contractual clauses.** 

An essential element of the outsourcing regulation is the supervision exercised 
over the phenomenon. The possibility of outsourcing tasks to another entity may, 
therefore, be subject to restrictions following from the legal regimes of pursuing 
certain types of activity. This problem is especially evident in the context of 
insurance activities. 


6 Outsourcing in Insurance Activities 


Under the abovementioned Solvency II Directive, specific rules were introduced in 
the insurance law system on the entrusting by insurance and reinsurance undertak- 
ings of their own activities to external contractors, including requirements relating to 
the contents of contracts under which the outsourced activities are performed. 
Insurance undertakings, as public trust institutions, should perform their tasks 
properly and safely to customers, which is why requirements in respect of 
outsourcing of specific activities and functions constitute a material element of the 
system of governance in an insurance undertaking. Moreover, insurance outsourcing 
is subject to disclosure obligations and supervision by the Polish Financial Super- 
vision Authority (KNF). 


3? Sobiriska (2008), p. 89. 
33 Malarewicz-Jakubéw and Tanajewska (2014), p. 238. 
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6.1 The Legal Regime and the Scope of Financial 
Outsourcing Under the Solvency II Directive 


Under Art. 13(28) of the Solvency II Directive, ‘outsourcing’ means an arrangement 
of any form between an insurance or reinsurance undertaking and a service provider, 
whether a supervised entity or not, by which that service provider performs a 
process, a service or an activity, whether directly or by sub-outsourcing, which 
would otherwise be performed by the insurance or reinsurance undertaking itself. 

Moreover, the EU legislator indicated, in Recital (37) of the Solvency II Direc- 
tive, that: ‘[i]Jn order to ensure effective supervision of outsourced functions or 
activities, it is essential that the supervisory authorities of the outsourcing insurance 
or reinsurance undertaking have access to all relevant data held by the outsourcing 
service provider, regardless of whether the latter is a regulated or unregulated entity, 
as well as the right to conduct on-site inspections. To take account of market 
developments and to ensure that the conditions for outsourcing continue to be 
complied with, the supervisory authorities should be informed prior to the 
outsourcing of critical or important functions or activities’, which means that the 
role and importance of outsourcing was recognised for the proper management of an 
insurance undertaking. 

The EU legal regime under the abovementioned Directive imposes the require- 
ment of minimum harmonisation. Minimum harmonisation is the case when a 
directive imposes a set of minimum requirements to be implemented by EU Member 
States, which is often a consequence of recognising the fact that legal systems in 
certain EU Member States already provide for more stringent requirements. This 
allows Member States to introduce more far-reaching provisions than set out in the 
Directive. 

Outsourcing of critical or important operational functions or activities may not be 
undertaken to: (1) materially deteriorate the quality of the governance system in a 
given undertaking; (2) excessively increase the operating risk; (3) impede the 
supervisory authority’s ability to monitor the compliance by the insurance under- 
taking with its obligations; (4) impair the provision of continuous and satisfactory 
services to policyholders. 

Therefore, it is the duty of Member States to ensure that insurance undertakings 
and reinsurance undertakings assume full liability for the performance of all their 
obligations under the Directive in case of outsourcing their operational functions or 
insurance or reinsurance activities.*° 

The Directive does not introduce any express prohibition of limiting liability for 
damages caused to an insurance undertaking’s customers because of 
non-performance or improper performance of the contract by the outsourcing service 
provider. However, more restrictive solutions in this regard may be introduced in the 
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provisions implementing the rules of the Solvency II Directive into Member States’ 
legal systems. 

The obligations of insurance undertakings include the preparation in writing— 
beside risk management terms, rules of internal control and internal audit—also of 
the operating terms of outsourcing—such terms are to be reviewed at least once a 
year and should be approved in advance by the supervisory authority. Insurance 
undertakings and reinsurance undertakings are obliged to notify the supervisory 
authority in good time about outsourcing of critical or important functions or 
activities and about all later significant changes to such functions or activities. 

For that purpose, Member States of the EU should ensure that insurance under- 
takings and reinsurance undertakings entering into an outsourcing agreement with 
regard to a given function or insurance or reinsurance activity take necessary steps to 
guarantee the following conditions: (1) the outsourcing service provider must 
cooperate with the authorities supervising the insurance undertaking or reinsurance 
undertaking in relation to the outsourced function or activity; (2) insurance under- 
takings and reinsurance undertakings, their statutory auditors and supervision 
authorities must have an actual access to the data relating to the outsourced functions 
or activities; (3) supervisory authorities must have an actual access to the premises of 
the outsourcing service provider and must be able to enforce such access rights. 

Additionally, the authorities supervising an insurance undertaking or reinsurance 
undertaking should be entitled to carry out—independently or through parties 
designated by such authorities—on-site inspections at the service provider’s pre- 
mises. In case of cross-border outsourcing services being rendered in the EU, the 
competent supervisory authority of the home state of the insurance undertaking or 
reinsurance undertaking must notify the appropriate authority in the Member State of 
the outsourcing service provider before carrying out the on-site inspection. The 
Solvency II Directive requires as well that the supervisory entitlements relating to 
the right to information about the insurance undertaking’s situation or the right to 
impose administrative penalties that may be imposed on insurance undertakings and 
reinsurance undertakings should apply also in relation to the activities outsourced by 
insurance undertakings or reinsurance undertakings.*° 

Provisions of the Solvency II Directive are indistinct or constitute mere guide- 
lines—indicating the goal that should be achieved by transposing specific provisions 
into national legal systems, which is characteristic of many directives. In this 
context, it is also worth pointing to the Commission Delegated Regulation 
(EU) 2015/35 of 10 October 2014 supplementing Directive 2009/138/EC of the 
European Parliament and of the Council on the taking-up and pursuit of the business 
of Insurance and Reinsurance (Solvency I)” or EIOPA Guidelines on system of 


38 
governance. 


36 Czublun (2010), p. 32. 
370J L 12/1, 17.01.2015; hereinafter: Delegated Regulation. 
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6.2 Outsourcing Rules Applicable to Insurance Undertakings 
Under the Delegated Regulation 


An insurance undertaking or reinsurance undertaking outsourcing or planning to 
outsource insurance or reinsurance functions or activities to a service provider, must 
introduce, in writing, the rules of outsourcing, taking into account the outsourcing’s 
impact on the activities of the undertaking and solutions in the area of reporting and 
monitoring, which should be implemented in case of the decision to outsource. The 
undertaking must guarantee compliance of the outsourcing agreement’s terms with 
the obligations of the undertaking under Art. 49 of the Directive Solvency II. 

If the insurance undertaking or reinsurance undertaking and the outsourcing 
service provider belong to the same group, the undertaking outsourcing its critical 
or important operational functions or activities is obliged to consider the scope in 
which it controls the service provider or can influence the latter’s actions. When 
selecting the service provider mentioned above with regard to critical or important 
operational functions or activities, the administering, managing or supervising body 
must ensure: (a) a thorough analysis to guarantee that the potential service provider 
has the skills, capacities and, possibly, authorisations required under legal pro- 
visions, enabling the service provider to duly perform the outsourced functions or 
activities, taking into consideration the undertaking’s objects and needs; (b) taking 
by the outsourcing service provider of all measures to ensure that the fulfilment of 
the outsourcing undertaking’s needs is not threatened by any actual or potential 
conflict of interest; (c) conclusion between the insurance undertaking or reinsurance 
undertaking and the service provider of a written agreement specifying expressly the 
respective rights and obligations of the undertaking and of the service provider; 
(d) clarifying in intelligible terms the conditions of the outsourcing agreement to the 
administering, managing or supervising body and their approval by such body; 
(e) non-violation of law, especially provisions on data protection, in connection 
with the outsourcing; (f) subordination of the service provider to the same rules on 
information security and confidentiality relating to the insurance undertaking or 
reinsurance undertaking, their policyholders or beneficiaries, as applicable to the 
insurance undertaking or reinsurance undertaking.*° 

In addition, the Delegated Regulation specifies the requirements that must be met 
by an outsourcing contract concluded by an insurance undertaking or reinsurance 
undertaking. Under that provision, the written agreement to be concluded between 
the insurance undertaking or reinsurance undertaking and service provider must 
specifically include the following express contents: (a) the duties and responsibilities 
of both parties involved; (b) the service provider’s commitment to comply with all 
applicable laws, regulatory requirements and guidelines as well as policies approved 
by the insurance or reinsurance undertaking and to cooperate with the undertaking’s 
supervisory authority with regard to the outsourced function or activity; (c) the 


39 Art. 274 (1)-(3) of the Delegated Regulation. 
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service provider’s obligation to disclose any development which may have a mate- 
rial impact on its ability to carry out the outsourced functions and activities effec- 
tively and in compliance with applicable laws and regulatory requirements; (d) a 
notice period for the termination of the contract by the service provider which is long 
enough to enable the insurance or reinsurance undertaking to find an alternative 
solution; (e) that the insurance or reinsurance undertaking is able to terminate the 
arrangement for outsourcing where necessary without detriment to the continuity 
and quality of its provision of services to policyholders; (f) that the insurance or 
reinsurance undertaking reserves the right to be informed about the outsourced 
functions and activities and their performance by the services provider as well as a 
right to issue general guidelines and individual instructions at the address of the 
service provider, as to what must be considered when performing the outsourced 
functions or activities; (g) that the service provider shall protect any confidential 
information relating to the insurance or reinsurance undertaking and its 
policyholders, beneficiaries, employees, contracting parties and all other persons; 
(h) that the insurance or reinsurance undertaking, its external auditor and the 
supervisory authority have effective access to all information relating to the 
outsourced functions and activities including carrying out on-site inspections of 
the business premises of the service provider; (i) that, where appropriate and 
necessary for the purposes of supervision, the supervisory authority may address 
questions directly to the service provider to which the service provider shall reply; 
(j) that the insurance or reinsurance undertaking may obtain information about the 
outsourced activities and may issue instructions concerning the outsourced activities 
and functions; (k) the terms and conditions, where applicable, under which the 
service provider may sub-outsource any of the outsourced functions and activities; 
(1) that the service provider’s duties and responsibilities deriving from its agreement 
with the insurance or reinsurance undertaking shall remain unaffected by any 
sub-outsourcing taking place according to point (k). 


4 Art. 274(4) of the Delegated Regulation. 
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6.3 EIOPA” Guidelines on System of Governance” 


An important source in the context of guidelines delivered by supervisory authorities 
in respect of the organisation of outsourcing are EIOPA Guidelines on system of 
governance. EIOPA Guidelines are not a source of law, but mere recommendations 
addressed to national supervisors, suggesting a direction for the implementation of 
operating principles in the areas subject to supervision; however, they provide 
essential information about the desired direction of operating solutions in such areas. 

In case of delivery of guidelines by EIOPA to national supervisory authorities or 
directly to financial institutions, it must be emphasised that the national supervisory 
authority or financial institution is obliged to notify (within two months of the 
delivery of the guideline or recommendation) if it will comply or intends to comply 
with the given guideline or recommendation. If the national supervisory authority or 
the financial institution does not comply with the respective instrument or does not 
intend to do so, the national supervisory authority or financial institution is obliged to 
notify that fact to EIOPA, providing justification. As such, soft law instruments 
delivered by EIOPA are not legally binding on the national supervisory authorities, 
however, those authorities are obliged to answer EIOPA’s guidelines and recom- 
mendations addressed to them. Furthermore, EIOPA is obliged to publish informa- 
tion that a national supervisory authority does not comply or does not intend to 
comply with a given guideline or recommendation. EIOPA may also, in a specific 
situation, decide to publish the justification of non-compliance with a given guide- 
line or recommendation, as provided by the respective national supervision author- 
ity. The national supervisory authority is notified in advance about such 
publication.** 

And so, in Guideline 1.7, it was laid down who, within the governance system of 
an insurance undertaking, may be considered the person responsible, performing a 
key function: ‘The notification requirements only apply to persons who effectively 
run the undertaking or are key function holders as opposed to persons who have or 
perform a key function. In case of outsourcing of a key function or outsourcing of a 
part of a function where this part is regarded as key, the person responsible is 


“‘Under Art. 16 of the Regulation (EU) No 1094/2010 of the European Parliament 
and of the Council of 24 November 2010 establishing a European Supervisory Authority 
(European Insurance and Occupational Pensions Authority), amending Decision No 716/2009/EC 
and repealing Commission Decision 2009/79/EC (OJ L 331,15.12.2010, p. 48), EIOPA has 
the right to deliver guidelines and recommendations addressed to national supervisory authorities 
or directly to financial institutions. 

“BIOPA Guidelines on system of governance No. EIOPA BoS-14/253 PL, https://eiopa.europa. 
eu/GuidelinesSII/EIOPA_Guidelines_on_System_of_Governance_PL.pdf; and the Final Report 
on Public Consultation No. 14/017 on Guidelines on system of governance. 

43.S0: Szaraniec (2020), pp. 36-60. See also: Art. 16(3) of the Regulation (EU) No. 1094/2010. 
Moreover, if the guideline or recommendation so requires, the financial institution shall clearly and 
specifically notify if it complies with the guideline or recommendation. 
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considered to be the one who has the oversight over the outsourcing at the 
undertaking’. 

According to EIOPA Guideline 14, on outsourcing of key functions, the insur- 
ance undertaking should implement competence and reputation assessment proce- 
dures in relation to persons engaged by the service provider or sub-provider for 
purposes relating to the performance of the outsourced key functions. The under- 
taking should designate, out of its personnel, a person generally responsible for the 
outsourced key functions, who must have sufficient competences and reputation and 
have sufficient expertise and experience regarding the outsourced key function to be 
capable of verifying the level of its performance and the results achieved by the 
service provider. The designated person is deemed to be responsible for the key 
function and, as such, must be notified to the supervisory authority.“ 


6.4 Insurance Outsourcing in Polish Law 


The Act of 11 September 2015 on insurance and reinsurance activities (hereinafter: 
Polish Insurance Activities Act) includes provisions on outsourcing in insurance and 
reinsurance activities. Those provisions were adopted because of the need to imple- 
ment the Solvency II Directive into the national legal system. 

Under the legal definition expressed in Art. 3(1) item 27 of the Polish Insurance 
Activities Act, for the purposes of that act, the term outsourcing means: ‘a contract 
between the insurance undertaking or reinsurance undertaking and the service 
provider under which the service provider performs a process, service or activity 
which would be otherwise performed by the insurance undertaking or reinsurance 
undertaking, including contracts under which the service provider delegates the 
performance of such process, service or activity to other entities through which the 
service provider performs the given process, service or activity’. 

The source of outsourcing in the understanding of the Polish Insurance Activities 
Act may be any contract, either nominate or innominate, as long as it relates to 
performance of a process, service or activity which would be otherwise performed 
by the insurance undertaking or reinsurance undertaking. 

The possibility of entering into outsourcing contracts by insurance distributors in 
Poland will relate only to insurance or reinsurance undertakings since only such 
solution was provided for in the Polish Act on insurance and reinsurance activities.*° 
Under Art. 3(1) item 27 of that Act, the Polish legislator introduced a broad 
definition of the outsourcing contract to subsequently narrow down the contract’s 
scope under Art. 73 only to certain insurance activities and to so-called functions 


44 Mrozowska-Bartkiewicz and Wnek (2016), pp. 11-12. 
45Machulak and Ziemba (2018), p. 3 et seq. 


46 See: Arts. 73-76 of the Act of 15 September 2015 on insurance and reinsurance activities (Dz.U. 
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within the governance system, whereby, in listed situations, outsourcing contractors 
are exempt from insurance secrecy.“ Under Art. 73 of that Act: 


(1) the insurance undertaking may, by way of outsourcing, entrust in writing 
performance of the insurance activities referred to in Art. 4(7) item 3 and Art. 
4(8) and (98 of the Polish Insurance Activities Act 

(2) the insurance undertaking or reinsurance undertaking may, by way of 
outsourcing, entrust in writing performance of the activities referred to in Art. 
4(2) item 2 and 4 and in Art 4(5)” 

(3) the insurance undertaking or reinsurance undertaking may, by way of 
outsourcing, entrust in writing to other entities the performance of functions 
belonging to the governance system? 


In addition, the Polish Insurance Activities Act does not preclude the possibility 
of subcontracting by the service provider of the undertaking’s activities or functions 
to another party (sub-outsourcer).°! 

Under Art. 274(4) of the Delegated Regulation, a contract between the insurance 
undertaking or reinsurance undertaking and the external provider should specify the 
terms under which the provider may sub-outsource the outsourced functions and 
activities. The agreement should also include an obligation of the external provider 
under which the latter’s obligations and tasks under the contract with the insurance 
(reinsurance) undertaking should remain intact in case of possible sub-outsourcing. 
EIOPA also draws attention to the fact that if the sub-outsourcing involves further 
delegation of critical or important functions, this should be approved by the insur- 
ance undertaking or reinsurance undertaking.” 


So: Art. 35(2) item 26 of the Polish Insurance Activities Act. 


48By way of example, this will be the following activities: making declarations of intention in 
matters relating to claims for compensation or other benefits under insurance contracts, insurance 
guarantee contracts, or entrusting their conclusion to authorised insurance intermediaries, as well as 
reinsurance contracts’ conclusion; payment of compensations or other benefits under the said 
contracts; determining the causes and circumstances of fortuitous events; determining the amount 
of damage or compensation or other benefits payable to the entitled parties under insurance 
contracts or insurance guarantee contracts. 

“By way of example, this will be the following activities: making declarations of intention in 
matters relating to claims for compensation or other benefits under inward reinsurance contracts or 
retrocession contracts; exercising control over assignors’ compliance with contractual terms; acts 
directly relating to reinsurance activities, especially acts performed in the area of statistical advice, 
actuarial consulting, risk analysis, research for customers, investing reinsurance undertaking’s 
assets, or activities of preventing or mitigating the consequences of insurance accidents or financing 
of such activities from the provident fund. 

*°By ‘governance system’, one should understand, according to Art. 3(1) item 46 of the Polish 
Insurance Activities Act, a system covering the function of risk management, function of legal 
compliance, function of internal audit and actuarial function, ensuring due and prudent management 
of the insurance undertaking or reinsurance undertaking. 

51 Such situation is admissible, e.g., in banking activities. For more on that, see: Byrski (2018), p. 90 
et seq. 


>?Machulak and Ziemba (2018), p. 14. 
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The provision of Art. 73 of the Polish Insurance Activities Act lays down an 
exhaustive list of activities and functions that may be entrusted by an insurance 
undertaking to a service provider under an outsourcing contract. In that context, it is 
excluded that an insurance undertaking might entrust to a service provider, under an 
outsourcing contract, performance of any activities or functions other than expressly 
and directly listed in Art. 73 of that Act? (more on that in section 6 of this article). 

Another crucial obligation is the requirement, provided in Art. 75(2) of the Polish 
Insurance Activities Act, to notify the supervisory authority at least 30 days ahead of 
the implementation of outsourcing in respect of functions belonging to the gover- 
nance system or critical or important activities, and of any essential change to the 
outsourcing of such functions or activities. In the context of such notification, one 
should consider the EIOPA Guidelines.’ It seems that the obligation to notify the 
supervisory authority about an essential change to the outsourcing covers not only 
planned changes in the contract with the external service provider. EIOPA points out 
that the notification obligation should also cover such situations as, for example, 
non-compliance by the external service provider with applicable legislation or 
material problems with access to data or information." However, in such instances, 
the insurance (reinsurance) undertaking could not usually make the notification in 
advance. Therefore, it would be reasonable to assume that the obligation materialises 
only upon detection by the insurance undertaking of the existing irregularities 
possibly qualifying as an essential change to the outsourcing. 

Art. 76 of the Polish Insurance Activities Act introduces a prohibition of any 
exclusion or limitation of the insurance undertaking’s liability for damages caused 
respectively to policyholders, insured parties or beneficiaries under insurance con- 
tracts.°’ Such liability may not be excluded or limited even if the insurer cannot be 
assigned culpa in eligendo. Also, the liability of an undertaking for damages caused 
to assignors in consequence of non-performance or improper performance of 
outsourcing may not be excluded or limited.** 


3 Wajda (2016), p. 376; Koztowska (2016), p. 196; otherwise: Machulak and Ziemba (2018), p. 6. 
*4See Guideline 64. In its written notification of outsourcing, the insurance (reinsurance) under- 
taking should include a description of the scope and the rationale for the outsourcing and the service 
provider’s name. When outsourcing concerns a key function, the information should also include 
the name of the person in charge of the outsourced function or activities at the service provider. 
> Final Report on Public Consultation No. 14/017 on Guidelines on system of governance, p. 100. 
56 Machulak and Ziemba (2018), p. 13. 


57 In literature, based on the example of the banking market, it is indicated that such an absolute 
prohibition does not satisfy the test of legal proportionality. The author is of the opinion that a 
provision should be adopted obligating payment service providers to implement an adequate and 
effective solution securing the coverage of possible costs relating to the payment of compensation 
under customer claims for damages caused by non-performance or improper performance of a 
contract, e.g., by such outsourcing partner’s civil liability insurance. So: Byrski (2018), 
pp. 466-467. 


>8Mrozowska-Bartkiewicz and Wnek (2016), p. 11. 
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6.5 Outsourcing and Insurance Intermediation 


Neither the Solvency II Directive nor the Directive (EU) 2016/97 of the European 
Parliament and of the Council of 20 January 2016 on insurance distribution (IDD)° ? 
relates its provisions on outsourcing to the conclusion of legal acts by insurance 
intermediaries. In the discussed Guidelines, EIOPA postulates the principle that the 
competent national supervisory authorities should make sure that in case of an 
insurance intermediary, other than the undertaking’s employee, given authority to 
underwrite business or settle claims in the name and on account of an undertaking, 
the undertaking ensures that the activity of such intermediary is subject to the 
outsourcing requirements.°° 

EIOPA’s Guidelines refer to situations in which the insurance intermediary 
renders to the insurance undertaking an entire service package, e.g., claim settle- 
ment, payment of benefits under contracts concluded both through that intermediary 
and other distributors, including directly with the insurance undertaking, services 
involving the intermediary’s possibility of independent assessment and assumption 
of insurance risk and not mere execution of the insurance undertaking’s instructions 
under the power of attorney to render insurance intermediation services.°! 

Thus, it must be concluded that situations in which the insurance intermediary 
assuming the risk uses tools provided by the insurance undertaking are not examples 
of outsourcing. 

On the other hand, in situations when the insurance intermediary, during insur- 
ance intermediation, uses his own tools intended for the assessment and acceptance 
of risk, one might speak of such activity’s outsourcing by the insurance undertaking 
and, in such event, this should be both reflected in the provisions of contracts 
concluded with such intermediary and allowed for in the outsourcing policy of the 
insurance undertaking. It must be noted that on such occasions the insurance 
undertaking is not exempt from its obligations relating to the outsourcer’s proper 
supervision, as discussed above.” 


OJ L 26/19, 2 February 2016. 

“See EIOPA Guideline 61: When an insurance intermediary, who is not an employee of the 
undertaking, is given authority to underwrite business or settle claims in the name and on account 
of an undertaking, the undertaking should ensure that the activity of this intermediary is subject to 
the outsourcing requirements. 


6l Mrozowska-Bartkiewicz and Wnek (2016), pp. 12-13. 
©? Mrozowska-Bartkiewicz and Wnek (2016), pp. 12-13. 
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7 EIOPA Guidelines on Outsourcing to Cloud Service 
Providers —Note 


On 6 February 2020, EIOPA published ‘Guidelines on outsourcing to cloud service 
providers’. Those are guidelines addressed to insurance undertakings and reinsur- 
ance undertakings concerning the application by such undertakings of the provisions 
on outsourcing of the Solvency II Directive and Commission delegated regulations 
in relation to outsourcing to cloud service providers. The Guidelines apply on the 
level of insurance or reinsurance undertaking and of a group. Insurance and rein- 
surance undertakings are required to ‘make every effort to comply’ with the Guide- 
lines and to follow them in accordance with the regulatory framework. 

Undertakings should revise and update their internal policies and processes 
within 1 January 2021 to adjust them to the said Guidelines.“ The Guidelines 
apply to any arrangements relating to cloud outsourcing made by insurance and 
reinsurance undertakings; however, special emphasis is put on the outsourcing of 
critical or important operational functions or activities to cloud providers. 

The critical matters relating to the adaptation of insurance undertakings to the 
discussed EIOPA Guidelines will be: 


(1) Documentation requirements (Guideline 5)—in this context, insurance under- 
takings and reinsurance undertakings should maintain a special register of their 
cloud outsourcing arrangements. The register should be regularly updated and 
provided to the supervisory authority upon the latter’s request. Moreover, 
insurance and reinsurance undertakings must ensure updates of all their internal 
outsourcing policies and procedures to reflect the new Guidelines. 

(2) Risk assessment of cloud outsourcing (Guideline 8), which should involve an 
approach proportional to the nature, scope and complexity of the risks inherent 
in the services outsourced to cloud service providers as incurred by insurance or 
reinsurance undertakings. This includes assessment of the potential impact of the 
cloud outsourcing on the undertaking’s operational and reputational risk. 

(3) Due diligence on cloud service provider (Guideline 9)—meaning that insurance 
and reinsurance undertakings should ensure, in their selection and evaluation 
processes, that the service provider is adequate according to the criteria specified 
in their written outsourcing policies. Due diligence concerning the cloud service 
provider’s choice must be carried out prior to outsourcing any operational 
function or activity. 


63 https://eiopa.europa.eu/Pages/News/EIOPA-consults-on-guidelines-on-outsourcing-to-cloud- 
service-providers.aspx. 

°4 Arrangements on cloud outsourcing should be concluded by insurance or reinsurance undertak- 
ings from 1 January 2021. By the end of 2022 such undertakings should adjust their existing cloud 
outsourcing agreements relating to contracts involving critical or important operational functions or 
activities concluded before that date to the Guidelines or explain to supervisory authorities why they 
have not done so or provide a plan for handling the situation. 
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(4) Contractual requirements (Guideline 10)—this Guideline introduces certain 
clauses to be included in every outsourcing agreement covering critical or 
important cloud-based operational functions or activities concluded between 
the insurance or reinsurance undertaking and the cloud service provider. 

(5) Sub-outsourcing of critical or important cloud-based operational functions or 
activities (Guideline 13)—requirement imposed on cloud service providers to 
notify their customers of any planned significant changes to the subcontractor’s 
services. Customers of cloud service providers have the right to express their 
consent or object to such changes. 

(6) Termination rights (Guideline 15)—clear definition of exit strategies necessary 
to enable termination of contracts without detriment to the continuity or quality 
of services rendered to policyholders (insurance undertakings’ customers). 


In addition, insurance undertakings and reinsurance undertakings must grant 
supervisory authorities the rights of access and audit of their CSPs (including the 
right of access to data centres, etc.). 

A large part of the Guidelines concentrates on questions of safety and organisa- 
tion and, on this occasion, it is necessary to engage governance/compliance teams 
and panels responsible for safety. In the context of the requirement to ensure 
information security, an interesting—and apparently having potentially significant 
practical impact—element are comments of the supervisory authorities on encryp- 
tion and disclosure of information. As a rule, all data processed in cloud are to be 
encrypted in transit and at rest. Supervised entities may derogate from that rule when 
encryption is technically impossible or economically groundless. 


8 Final Conclusions 


The above investigations revealed that outsourcing means, in the first place, a certain 
method of organising business activities, consisting in the abovementioned ‘delega- 
tion’ of a part of the undertaking’s activities outside. Consequently, outsourcing is 
treated more as mechanism in economy and management than any specific legal 
construction. In fact, this type of mechanism may use different legal instruments.°° 
The problems of outsourcing are of major importance for the operation of insurance 
undertakings and reinsurance undertakings. Therefore, it is extremely crucial to 
specify the legal framework for outsourcing because, in practice, almost every 
contract concluded by an insurance undertaking or reinsurance undertaking with 
an external provider should be analysed in the context of the abovementioned legal 
provisions. 


© https://www.williamfry.com/newsandinsights/news-article/2020/09/07/how-do-the-eiopa-guide 
lines-on-cloud-outsourcing-impact-insurers-and-reinsurers. 


°° Robaczyriski (2018), p. 481. 
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The definition of outsourcing as included in the Solvency II Directive contains 
requirements and restrictions provided for activities of critical nature or important for 
the operation of a given insurance (reinsurance) undertaking or pertaining to func- 
tions of the governance system. Moreover, Solvency II creates a specific concept of 
insurance outsourcing, which shows features that distinguish it from the general 
approach to the outsourcing process. The minimal nature of the Directive allows 
Member States to specify such activities in national law. In Polish law the object of 
outsourcing may only be the activities indicated in Art. 73 of the Polish Insurance 
Activities Act. This means that insurance and reinsurance undertakings may not 
outsource any activities other than those expressly listed in the discussed provisions. 
As a result, it must be concluded that the applicable legislation imposes on insurance 
and reinsurance undertakings a restriction of the freedom to conclude contracts in 
respect of outsourcing.” In Polish law, the objective scope of regulation of the 
outsourcing contract is much wider in the banking market than in the insurance 
market since the Polish legislator allows payment institutions to outsource much 
more banking functions to the outsourcing contractor,°* and introduces a prohibition 
of restricting or excluding its liability vis-a-vis the payment service provider. The 
legislator also introduced an exemption from the payment outsourcing regime in 
respect of services rendered by technical service providers as long as they do not 
enter into possession of the funds subject to the payment transaction.°° 

There is a clear trend of expanding the insurance outsourcing regime to further 
performance of a process, service or activity by an insurance undertaking—an 
example is the EIOPA Guidelines on outsourcing to cloud service providers. 
Soon, one should expect expansion of the insurance outsourcing regime in respect 
of establishing cooperation between Insurtech companies and traditional insurance 
distributors. IDD does not point to the problem of outsourcing in its provisions. 
However, development of new technologies gives rise to the need for the legal 
regulation of outsourcing, especially in respect of regularising and harmonising the 
relevant legal regime in the entire internal financial market of the European Union. 
On the payment services market, tendencies may be observed of controlling the 
cooperation between payment institutions and Fintech companies—as evidenced by 
EBA Guidelines in this regard.”° 


67 There are also such views in the literature that insurance outsourcing can be performed without 
restrictions. Moreover, it seems that, formulated in Art. 49 sec. 2 lit. a-d of the Solvency II 
Directive, the list of negative requirements relating to outsourcing of essential or important 
functions or operational activities is closed, which means that it is not possible to set other 
restrictions in this respect. See: Machulak and Ziemba (2018), p. 13. 

68 See: Arts. 6a and 6b of the Act of 29 August 1997—Banking Law (Dz.U. 2018, item 2187), or 
Arts. 9a-9g of the Act of 5 November 2009 on cooperative savings and credit unions (Dz.U. 2018, 
item 2386). 

© So: Art. 6 item 10 of the Act of 19 August 2011 on payment services (Dz.U. 2017, item 2003). 
For more on that, see: Byrski (2018), p. 307. 

7 https://eba.europa.eu/documents/10180/2761380/EBA +revised+Guidelines+on+outsourcing_ 
PL.pdf/755 1b1c5-534d-44aa-b524-6 1eb8929 154d. 
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The absence of legislation on the EU level forces ESAs to search for appropriate 
and effective supervisory instruments in the solutions adopted in other countries of 
the world and in Europe for the development of Insurtech companies and their 
cooperation with traditional insurance distributors. New technologies pose new 
challenges to supervisory authorities, most serious ones after the global financial 
crisis of 2008. Finally, it would be impossible not to notice that the introduction of 
new technologies on the insurance market is based mainly on the market’s self- 
regulation through ‘soft law’ (guidelines and recommendations). An analysis of the 
current construction of guidelines and recommendations under the applicable EU 
legislation gives rise to the thesis that the legislator ‘reinforced’ the performance of 
such guidelines and recommendations by their addressees. They are binding on the 
addressees as far as fulfilment of their objectives is concerned, and non-binding in 
terms of the means leading to such ends. A disciplinary instrument in this construc- 
tion is the possibility of disclosing (publishing) by the supervisory authority the 
received information relating to the refusal to adjust by the supervised entity to the 
issued guideline or recommendation. Due to all those solutions, introduction of new 
technologies on the insurance market may be based on the delivery of guidelines and 
recommendations, however, there is a need for appropriate legislative solutions in 
this regard on the European Union level. The construction of uniform insurance 
market of the EU implies that any activities in this regard should be compulsory, 
harmonised and consistent for the entire market and for particular Member States.’ 
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Remuneration Policies of Insurance A 
Undertakings in Europe: Principles centen 
for a Deeply Heterogeneous Reality 


Covadonga Díaz Llavona 


Abstract The provisions on remuneration policies and practices under the Solvency 
II framework have been recently supplemented by an Opinion published by the 
European Insurance and Occupational Pensions Authority. The lack of any high- 
level standard in this respect in the Directive and the open character of most of the 
principles and orientations entailed in these instruments have led to a landscape of 
different national implementation rules, which also need to be connected to the 
different corporate governance provisions of each Member State. 

This chapter aims to analyse the European provisions about remuneration in the 
insurance industry and connect them first to those provided for the banking sector, 
and then to the Member States regimes that arise from both the implementation of the 
EU policies and the international rules, with the purpose of pointing out the weaker 
aspects of the existing regulation and proposing some possible ways for 
improvement. 


1 Introduction 


On 1 January 2016, the Directive 2009/138/EC of the European Parliament and of 
the Council on the taking-up and pursuit of the business of Insurance and Reinsur- 
ance (Solvency II Directive) entered into force.' 

In relation to the present chapter, the provisions of Solvency II Directive were 
supplemented by the Commission Delegated Regulation (EU) 2015/35, and more 
recently, by an Opinion of the European Insurance and Occupational Pensions 


! Although the Solvency II framework is working well, the Directive itself foresaw a review of its 
provisions at the latest by | January 2021 to improve the existing regulation based on the experience 
during the past years of application and to consider the changes in the economic context. References 
to this review will be made later. 
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Authority (EIOPA) on the supervision of remuneration principles in the insurance 
and reinsurance sector (EIOPA -BoS-20-040, 31 January 2020). 

While the guidelines are few and apparently clear, the way in which the European 
Institutions have incorporated the new remuneration provisions via delegated act, 
without including an express mention in the Directive itself, entails many problems 
that are addressed in the chapter. As will be shown, the poor structure of the 
insurance sector provisions is in contrast to the much better constructed regime of 
the remuneration provisions included in the CRD III and CRD IV package for the 
banking sector. A comparison of both schemes can reveal some means for improve- 
ment in the insurance sector. As it gets analysed in the latter part of the chapter, the 
insurance market shows a complex situation regarding remuneration policies, arising 
mainly from two factors: on the one hand, the European insurance industry presents 
a wide range of organisational structures and business models, especially regarding 
size and risk profile. These differences demand a flexible application of the rules and, 
in some cases, the taking into account of the proportionality principle. On the other 
hand, the application of these special rules to insurance undertakings does not 
prevent these undertakings from also being subject to the company law of their 
country of origin. It is a known fact that the structure of the governing bodies of the 
companies and the legal regime applicable to them vary greatly between Member 
States, which makes it more difficult to determine the scope and application of 
provisions contained in the above-mentioned insurance industry’s specific rules on 
remuneration policies. 

The chapter aims to analyse the European provisions about remuneration in the 
insurance industry and connect them first to those provided for the banking sector, 
and then to the Member States regimes that arise from both the implementation of the 
EU policies and the international rules, with the aim of pointing out the weaker 
aspects of the existing regulation and proposing some possible ways for 
improvement. 


2 European Regulatory and Supervisory Framework 
for Remuneration Policies in Insurance Undertakings 


The introduction of Solvency II regime involved a complete transformation of the 
prudential framework for insurance firms in the European Union. The new risk- 
based approach was achieved by the Directive and the delegated acts that followed 
through a three-pillar structure: quantitative requirements (Pillar I), governance of 
the undertaking and supervisory activity (Pillar II) and supervisory reporting and 
public disclosure (Pillar III). The issues addressed in this study fall under the second 
pillar, which sets out requirements for risk management, governance and process of 
supervision. 

The Directive itself does not include specific remuneration provisions, but it does 
dedicate the whole Section 2 of Chapter IV to the system of governance of insurance 
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and reinsurance undertakings. Articles 41 to 50 set out some high-level principles 
that apply to all aspects of the system of governance of the firms and, therefore, also 
to their remuneration system. At this respect, among those principles, as provisions 
connected in certain way to the remuneration system of undertakings, one can refer 
to the need of a transparent organisational structure with clear allocation and 
appropriate segregation of responsibilities (Art. 41), the fit and proper requirements 
for persons who effectively run the undertaking or have other key functions (qual- 
ification and experience, and persons of good repute) (Arts. 42—43), or with a clearer 
link to remuneration, the need to implement an effective risk-management system to 
identify, measure, monitor, manage and report on a continuous basis the risks to 
which the undertaking could be exposed (Arts. 44—45), or the need for an internal 
control system with four control functions: risk-management, compliance, internal 
audit, actuarial and risk-management (Arts. 46—49, 246).” The connection with 
remuneration is, in any case, indirect, as there is no specific provision on compen- 
sation of staff in the Directive. 

Following the Lamfalussy process, the principles entailed in the Directive were 
further developed by the Commission Delegated Regulation (EU) 2015/35 of 
10 October 2014. On the governance system, Chapter IX of the Regulation includes 
detailed provisions in five aspects: Elements of the system of governance, Functions, 
Fit and proper requirements, Outsourcing, and Remuneration policy. As said, remu- 
neration is the only element not expressly mentioned in the higher standard, but it is 
considered as a key issue for risk management in the Delegated Regulation. As 
expressed in Recital 102 of the Regulation, ‘remuneration policies and practices 
which provide incentives to take risks that exceed the approved risk tolerance limits 
of insurance and reinsurance undertakings can undermine the effective risk manage- 
ment of such undertakings. It is therefore necessary to provide for requirements on 
remuneration for the purposes of the sound and prudent management of the business 
and in order to prevent remuneration arrangements which encourage excessive risk- 
taking’. 

As a general requirement for the system of governance, Article 258.1.1) calls fora 
written remuneration policy, even when the Directive does not include it among the 
other areas in which a written policy is required. The approval process of this 
written policy should follow the same requirements as the other policies expressly 
mentioned in the Directive and, therefore, on the one hand, it should be approved by 
the administrative, management or supervisory body of the insurance or reinsurance 
undertaking (41.3 Directive)* and, on the other hand, the remuneration policy shall 


? As will be shown, the EC Regulation, which does include for the first time specific requirements on 
remuneration of staff in insurance undertakings, sets the link with the Directive via the need of a 
sound and prudent management of the business. 

>The inclusion of remuneration in Article 41.3 of the Directive is one of the proposals included by 
EIOPA in its Opinion on the 2020 review of Solvency I—EIOPA-BoS-20/749, 17 December 2020, 
paragraph 8.47. 

4 As will be shown, this acts as a minimum requirement often exceeded by stricter measures at 
national level. 


98 


C. Diaz Llavona 


be reviewed at least annually and in the case of any significant change in the system 
or area concerned. 


2.1 European Principles Relating Remuneration Policy 


and Practices in the Insurance Sector 


As is the case with the Directive, the Regulation sets out nothing but principles to be 
observed by companies in shaping their remuneration policies. Article 275 includes 
seven main principles and another eight that specify the way in which the part of 
remuneration connected with tasks and performance of some members of the staff 
should be designed by the undertaking. 


These following can be highlighted as the main principles: 


Alignment between remuneration policy and practices and the risk management 
strategy of the undertaking and the long-term business and its performance as 
a whole 

Respect of the risk tolerance limits of the undertaking 

Consideration of the tasks and performance of the administrative, management or 
supervisory body (AMSB), persons who run the undertaking or have other key 
functions, or other categories of staff whose professional activities have a material 
impact on the undertaking’s risk profile 

Responsibility of the AMSB for the oversight of the remuneration policy’s 
implementation 

Need of an effective governance on remuneration 

Need of an independent remuneration committee to support the AMSB in the 
oversight, implementation and operation of the remuneration policies and prac- 
tices, if appropriate, in relation to the significance of the undertaking (size and 
internal organisation) 

Disclosure of the remuneration policy to all members of the staff 


Risks arise mainly from the variable part of remunerations, and this part is usually 


connected with the performance of the remunerated person. As said, in turn, the third 
principle referred to the consideration of the tasks and performance of those persons 
who run the company or have key functions in it is developed in other eight ones: 


Need for balance between the fixed and variable components of the remuneration 
schemes and for the fixed component to represent a sufficiently high proportion of 
the total remuneration. The objective is to avoid that an excessive dependence of a 
performance-related remuneration could artificially alter individuals’ behaviour 
and, conversely, that a decision of not paying the variable remuneration consid- 
ering the situation of the undertaking could be made without excessively affecting 
the remuneration received. 
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e Incase of performance-related variable remuneration, the principle of connection 
between the total amount and the performance, not only of the individual, but also 
of his/her business unit and the overall result of the undertaking or of the group. 

e Need for a substantial deferred component of the variable remuneration to 
connect it with the mid and long-term results of the undertaking. The deferral 
period shall not be less than three years. 

e Consideration of both financial and non-financial criteria when assessing an 
individual’s performance. 

e Inclusion of a downwards adjustment for exposure to current and future risks in 
the measurement of performance. 

e Relation between termination payments and performance achieved over the 
whole period of activity without rewarding failure. 

e Commitment of persons subject to the remuneration policy to not use hedging 
strategies or insurances that could undermine the risk alignment effects of their 
remuneration arrangement. 

e Independence of the variable part of remuneration of staff engaged in the four key 
functions (risk management, compliance, internal audit and actuarial) from the 
performance of the units and areas submitted to their control. 


As this is the first level of regulation for the remuneration principles,’ there are 
many concepts that remain quite open and need further accuracy. That is the case 
with the sufficiently high proportion of the fixed component of the remuneration, or 
with the substantial deferred component of the variable remuneration. This lack of 
definition led in the first years of implementation of the Directive and the Regulation 
to divergent practices across the European Union, and that is why the European 
Insurance and Occupational Pensions Authority (EIOPA) released the Opinion on 
the supervision of remuneration principles in the insurance and reinsurance sector, 


in April 2020 (EIOPA-BoS-20-040, 31 January 2020). 


2.2 EIOPA’s Perspective on Remuneration in the Insurance 
Industry 


The Opinion looks for a more consistent approach and convergence of national 
supervisory practices on the implementation of remuneration principles in the 
insurance sector. As it is known, opinions are non-binding instruments and therefore 
this one does not prevent the Supervisory Authorities to consider stricter criteria 
when appropriate or, reversely, to adopt a more flexible approach in supervision of 
low-risk undertakings. Despite this non-binding character, the Opinion acts as a very 
valuable tool of convergence through a better definition of the open concepts 


5 As will be shown in Sect. 3 of this chapter, it would be preferable that the Directive itself included 
at least some high-level principles on remuneration policies and practices of staff in insurance 
undertakings, in line with the structure followed by the European institutions in the banking sector. 
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mentioned in the Regulation. Nevertheless, the selection of an instrument like the 
opinion, non-compulsory and less detailed than other tools available for EIOPA, 
could restrict its future scope. As it will be pointed out, there are many questions that 
remain unsolved. Even when probably the need for an in-depth regulation is higher 
in the banking sector, a framework like the one existing for banks—including the 
Guidelines of the European Banking Authority (EBA) on sound remuneration 
policies°—could have led to a more finished result.’ This idea will be approached 
again later in the text. 


2.2.1 Scope 


As pointed out, risk arising from the compensation policy of the undertaking appears 
mostly in connection with the variable part of the remuneration and on remunera- 
tions of the highest paid employees. Hence, the instrument narrows its scope of 
application according to two cumulative criteria: 


e Category of staff member: only AMSB members, other executive directors who 
effectively run the undertaking, key function holders (in the sense of the key 
functions already seen), or other categories of staff whose activities have material 
impact on the undertakings’ risk profile. 

e Minimum amount of the variable component of the annual remuneration: over 
EUR 50,000 provided it represents more than 1/3 of the staff member’s total 
annual remuneration. 


2.2.2 Developed Aspects 


The Opinion addresses the four more indeterminate and open principles of the 
Regulation by establishing several benchmarks for the evaluation of the remunera- 
tion policies and practices at national level. 


e On the need for balance between fixed and variable components of remuneration 
and for the fixed part to represent a sufficiently high proportion of the total 
amount, the text establishes a threshold of 1:1 ratio, i.e. the amount of the variable 
component should not exceed that of the fixed one. 

e On the portion of variable remuneration that must be deferred, EIOPA sets the 
benchmark in the 40% of the total variable amount. Even when it is only an 


© Guidelines on sound remuneration policies under Articles 74(3) and 75(2) of Directive 2013/36/ 
EU and disclosures under Article 450 of Regulation (EU) No 575/2013, EBA/GL/2015/22, 
21 December 2015. 


7 About the need for more detailed provisions in the insurance sector, as is the case with the banking 
activity, vid. Butera and Montemaggiori (2018), p. 41 et seq. 
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indicative threshold, it helps in defining the open expression ‘substantial portion’ 
used in the Regulation. 


If the 1:1 ratio of variable remuneration is not observed (a deviation could be 


considered justified by the supervisory authority in view of the risk profile of the 
undertaking), then the proportion of the deferred component should also be higher. 


The text also refines the principle of consideration of both financial and 
non-financial criteria when assessing an individual’s performance. These criteria 
refer to the quantitative and qualitative requirements set out in the remuneration 
policy for the pay-out of the variable remuneration. Criteria must include achiev- 
able objectives and measures as well as consequences of the non-compliance, and 
the assessment should consider a multi-year framework. 
Quantitative and qualitative requirements should be balanced too, but at this 
point, the Opinion does not set out any specific ratio. It does cite a distribution 
of 80% financial and 20% non-financial as a potentially not balanced division, 
which could lead to the conclusion that in this respect, there is no need of a 1:1 
ratio, as is the case with variable and fixed components of the remuneration. A 
higher proportion of quantitative requirements seems to be acceptable, provided 
that it does not reach such a high percentage. 
The principle of inclusion of a downwards adjustment for exposure to current and 
future risks in the measurement of performance also gets the attention of EIOPA. 
This mechanism should adjust remuneration not only when individuals do not 
meet their personal objectives, but also when their business units or the under- 
taking as a whole fail to do so. The downward adjustment inserted in the 
remuneration policy must include examples of how it would work and the 
rationale behind its dynamic. The Opinion’s approach at this point is rather 
superficial and although it refers to all kind of adjustments—even with an express 
reference to clawback clauses—it does not go into any further analysis. 
Last point addressed refers to the principle of connection between termination 
payments and performance achieved over the whole period of activity. At this 
respect, the text distinguishes between those termination payments which are 
generally considered as variable remuneration and those which generally do not 
have this qualification. According to this general consideration of the payments, 
outside the concept of variable remuneration fall all mandatory payments (labour 
law, settled in a court decision), those that respond to a predefined generic 
formula, and those connected to a non-competition clause, but only, in this latter 
case, up to the amount of the fixed remuneration which would have been paid if 
staff where still employed. 

As generally considered variable remuneration, the text refers to any payment 
that arose from a termination because of a failure of the undertaking or because of 
a material reduction of the undertakings’ activities in which the staff was active, 


SIn this respect, vid. Esquerra Resa (2020), p. 11 et seq. 
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or finally, to payments that arose from a settlement between the undertaking and 
the staff member in case of a labour dispute. 

One finds here again a completely open formula’ that leaves room for very 
different interpretations, starting with what is considered variable remuneration as 
it is expressed in terms of what is generally understood as such. 


As shown, although the Opinion represents a significant step forward for the 
interpretation of the principles included in the Regulation, some provisions yet 
remain very undetermined and leave a very broad margin of assessment to under- 
takings and to the supervisory dialogue with them. This may be aligned with the 
different risk profiles of undertakings but can also lead to deep differences in 
treatment between Member States, and even to an undesirable situation of legal 
uncertainty in the insurance sector. 


3 Regulatory Framework of Remuneration Policies 
and Practices in the Banking Sector: Means 
for Improvement in the Insurance and Reinsurance 
Sector 


The legal treatment of remuneration policies and practices in the banking sector 
received the attention of the European legislator years earlier than in the insurance 
sector. 

Following the financial crisis of 2008, several reports outlined that, while failures 
in the governance system have not been the main cause of the crisis, they did have 
played certain role.'° A better bank governance would without any doubt contribute 
to reduce the likelihood of new bank crisis situations. 

Among the identified failures in the governance system, the danger of certain 
incentives for directors and senior staff was frequently pointed out.'' While some of 
these remuneration policies turned out to be inadequate for any firm, they showed 
particularly harmful effects in the banking sector. The variable and equity-based 
compensations stimulated dangerous behaviours consisting of generating short-term 
earnings while taking on high long-term risks. 


°Much more open than the provisions included in point 9.3 of the EBA’s Guidelines. 

10 See in this respect the so-known Larosiére Report of 25 February 2009, of the High-level Group 
of Financial Supervision in the EU. Among other causes of the financial crisis, it mentions, as a 
corporate governance failure, in paragraph 24 ‘the remuneration and incentive schemes within 
financial institutions (that) contributed to excessive risk-taking by rewarding short-term expansion 
of the volume of (risky) trades rather than the long-term profitability of investments’. 

1 Basel Committee on Banking Supervision, Compensation Principles and Standards Assessment 
Methodology, January 2010, mainly principle 4. 


Remuneration Policies of Insurance Undertakings in Europe: Principles for. . . 103 


These policies affected not only directors’ remuneration, but also senior man- 
agers’, the latter going completely unnoticed by supervisors and legislators for a long 
time.” 

As the banking sector showed slightly less resistance to the crisis than the 
insurance sector, some initiatives and studies addressed the remuneration issue 
focusing only on credit institutions." Most of them, however, adopted a global 
approach proposing measures for all financial institutions. 

Even though there are significant differences between banks and insurance 
undertakings in terms of their activity and the type of risks they are exposed to, 
they have also many elements in common. They are both regulated sectors subject to 
a strong legal and supervisory system, in both risk is an inherent element of their 
activity, and in both the directors, when managing the company, must consider not 
only the shareholders’ interest, but also the interest of the debtholders or the 
policyholders, respectively. 

As pointed out, after the financial crisis the main trend has been to tackle the 
problems and come up with solutions in remuneration policies in the financial sector 
as a whole (without making any difference between banks and insurance undertak- 
ings). That is the case with the Commission Recommendation of 30 April 2009, on 
remuneration policies in the financial services sector, "4 the FSB Principles for Sound 
Compensation Practices of 25 September 2009, or the European Commission’s 
Green Paper on Corporate Governance in Financial Institutions and Remuneration 
policies, of 2 June 2010.'° While this joint treatment was the trend among 
non-compulsory instruments, the binding regulations of both financial sectors have 
followed separate paths so far (regarding the instruments used and the level of detail 
of the provisions rather than the content itself. As it can be observed most of the 
provisions envisaged for insurance undertakings since 2015 clearly follow those 
established for credit institutions in previous years). 

As said, the central position of banks in the crisis led the European Legislator to 
focus their concern about remuneration issues in these financial institutions first. At 
this respect, CRD II Package included for the first time specific remuneration 
requirements. According to Recital 3 of Directive 2010/76/EU, °° ‘in order to address 
the potentially detrimental effect of poorly designed remuneration structures on the 
sound management of risk and control of risk-taking behaviour by individuals, the 
requirements of Directive 2006/48/EC should be supplemented by an express 
obligation for credit institutions and investment firms to establish and maintain, for 


12 Hopt (2013), p. 13. 

13 Basel Committee on Banking Supervision, op. cit. 

'49009/384/EC. In a non-binding way, the Recommendation includes already most of the principles 
that years later will be introduce in the CRD Framework. 

15 COM (2010) 284 final. Vid. also Commission Feedback Statement on Corporate Governance in 
Financial Institutions, of 11 November 2010. 

'©Directive 2010/76/EU, of the European Parliament and of the Council of 24 November 2010 
amending Directives 2006/48/EC and 2006/49/EC as regards capital requirements for the trading 
book and for re-securitisations, and the supervisory review of remuneration. 
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categories of staff whose professional activities have a material impact on their risk 
profile, remuneration policies and practices that are consistent with effective risk 
management’. 

The Directive included some express provisions in the main text and added one 
new section (11) on remuneration policies to Annex V of Directive 2006/48/EC 
(CRD I), where it already set out some basic principles, most of them coming from 
the previously cited soft-law instruments. Article 1.3.4 of the Directive 2010/76/EU 
itself required CEBS” to issue guidelines on sound remuneration policies which 
complied with the principles included in the amended Annex V of CRD I. These 
guidelines got published in December 2010. 

The revision process launched in 2010 continued to progress with the CRD IV 
reform. Thus, Directive 2013/36/EU included a more complete regime on remuner- 
ation policies in the main text of the Directive (Articles 92 et seq.). Following the 
Lamfalussy scheme, these first level provisions were also developed through Reg- 
ulation (EU) 604/2014,'* which aimed to fix the criteria to identify those categories 
of staff whose professional activities have a material impact on an institutions’ risk 
profile,‘ and Regulation (EU) 575/2013, Article 450 of which set out disclosure 
requirements for the remuneration policies of credit institutions. Two other three 
level instruments completed this regulatory structure: first, the EBA Opinion on the 
use of allowances,”” and later the EBA guidelines”! of 21 December 2015.7” 


17 Committee of European Banking Supervisors. On 1 January 2011, the European Banking 
Authority (EBA) was established, taking over CEBS’ ongoing tasks and responsibilities. 

18 Commission Delegated Regulation (EU) No 604/2014 of 4 March 2014 supplementing Directive 
2013/36/EU of the European Parliament and of the Council with regard to regulatory technical 
standards with respect to qualitative and appropriate quantitative criteria to identify categories of 
staff whose professional activities have a material impact on an institution’s risk profile. It is a very 
useful instrument that does not exist for insurance undertakings’ staff. 

'°The EBA recently published a draft for the revision of provisions included in Regulation 
604/2014 that can be found under the reference EBA/RTS/2020/05, 18 June 2020. 


20EBA/Op/2014/10, 15 October 2014, Opinion of the European Banking Authority on the appli- 
cation of Directive 2013/36/EU (Capital Requirements Directive) regarding the principles on 
remuneration policies of credit institutions and investment firms and the use of allowances. 

21 BB A/GL/2015/22, 21 December 2015, Guidelines on sound remuneration policies under Articles 
74(3) and 75(2) of Directive 2013/36/EU and disclosures under Article 450 of Regulation (EU) No 
575/2013. 


?2EBA proposed to revise the guidelines on sound remuneration policies in light of the amendments 
introduced by the fifth Capital Requirements Directive (CRD V); mainly, the gender-neutral 
requirement for remuneration policies. The consultation period ended on 29 January 29 2021, 
and the final guideline is expected to be published in the first half of 2021. 
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As previously shown, the regulatory framework on remuneration policies and 
practices for insurance undertakings did not follow such a well-constructed structure 
as in the banking sector. Directive 2009/138/EC did not include any specific 
provision on this matter and, even though it has been already amended in the 
following years (mainly through Directive 2014/51/EU) no requirements were 
added so far in this regard. As mentioned, Regulation 2015/35 is a delegated act 
(level 2 of the Lamfalussy scheme) with a very weak connection with the Directive, 
considering that there are no high-level principles on remuneration for insurance 
undertakings. The link between both instruments, Directive and Regulation, is only 
indirect, and must be made through Articles 41 to 50 of the Directive, which relate to 
the system of governance of insurance and reinsurance undertakings, with no special 
reference to any remuneration requirement.” 

The release of the EIOPA’s Opinion on the supervision of remuneration princi- 
ples in the insurance and reinsurance sector in 2020 did not solve the problem at all 
and left many loose ends in capital questions, as it has been showed. Whether a 
non-compulsory instrument like guidelines or an opinion can be found justified in 
the banking sector where there are already several level 1 and 2 provisions with quite 
detailed principles, the situation is not the same in the insurance field. Here, there is a 
need to amend Directive 2009/138/EU to include high level principles on remuner- 
ation policies. As it was mentioned in footnote 3, EIOPA’s Opinion on the 2020 
review of Solvency II proposes already an amendment in this respect, but only to 
include the remuneration policy within the policies that need to be written and 
periodically reviewed. In any event, the reform should be wider, considering the 
inclusion of an express reference to most of the remuneration principles laid out now 
in Regulation 2015/35. The reform would also require certain development via 
regulatory technical standards (RTS) to clarify concepts used in the Directive and 
the Regulation, as is the case with the concept of the staff whose professional 
activities have a material impact on the undertaking’s risk profile. Same situation 
exists relating distinction between fixed and variable remuneration. Provisions in the 
insurance sector have a lack on determination at both aspects that cannot be found in 
the banking provisions, where those concepts are precisely defined and where any 


°3 A reference must be made to the Memo of the European Commission, ‘Capital Requirements — 
CRD IV/CRR: Frequently Asked Questions’, 16 July 2013, section 11, p. 28: ‘(...) for the sake of 
consistency and in order to avoid regulatory arbitrage between sectors, it will be necessary to review 
the existing legislation in other sectors (Solvency II, UCITS Directive) to align it, when necessary, 
to the outcome of the final text of the CRD IV package. Nevertheless, the specificities of each sector 
should be considered, and the rules should not necessarily be identical for banks, insurance 
companies and investment funds’. The revision of Solvency ii was not carried out regarding the 
amendments on remuneration policies included in the CRD IV. 


106 C. Diaz Llavona 


compensation that falls outside the concept of fixed part of remuneration shall be 
considered variable with no room for a tertium genus. wa 


3.2 A Forward-Looking Approach to Supervision 
in the Financial Sector as a Whole 


The convenience of the inclusion of specific first-level provisions on remuneration 
policies and practices for the insurance sector is a minimum requirement and is the 
only feasible one now. A brief mention to another forward-looking approach should 
however be made. 

The financial market shows how in the last decades the boundaries between 
banking, insurance and securities have become increasingly blurred and how many 
of these activities are carried out now by financial conglomerates which get subject 
to different sectoral regulations and supervisory authorities depending on the type of 
transaction involved. Bearing that in mind, it should be questioned if there is still a 
point in having completely separate provisions for the banking and the insurance 
sector when in many cases, requirements set for both sectors are essentially the same, 
and in those cases where provisions differ considerably, this separate treatment does 
not always respond to an actual difference in the market.” 

The forward-looking approach of cross-sectoral supervisory legislation for finan- 
cial institutions also poses the question of the convenience of a new European 
financial supervisory model. As it is known, while the EU follows the sectoral 
supervisory model with three different supervisory authorities (ESAs) for banking 
(EBA), insurance (EIOPA) and securities (ESMA), some Member States, consider- 
ing the above-mentioned blurring of lines between financial sub-sectors, have moved 
to either a single supervisory model or to the so-called twin peaks model.*° 
According to the single supervisory model, there is only one supervisory authority 
in charge of the three financial sub-sectors (with some supervisory role of the Central 
Bank in some countries) as is the case in Germany, Poland or Sweden. The twin 
peaks model?” divides the supervision into two separate authorities. One is in charge 


*4Tt may be recalled here that provisions included in the EIOPA’s Opinion in this respect are merely 
for guidance purpose and distinguish between termination payments generally considered as 
variable remuneration and those which generally do not have this qualification. 

5 Vid. Al-Darwish et al. (2011), p. 40 et seq. See also footnote 23. 

©Colaert (2015), p. 1586 et seq. 


7 This model was pointed out as the desirable system to evolve to in the so-known Larosiére Report 
of 25 February 2009, of the High-level Group of Financial Supervision in the EU, section V, 
pp. 216 and 217 (P. 216: There may be merit, over time, in evolving towards a system which would 
rely on only two Authorities: The first would be responsible for banking and insurance issues, as 
well as any other issue which is relevant for financial stability (e.g. systemically important hedge 
funds, systemically important financial infrastructures). The second Authority would be responsible 
for conduct of business and market issues, across the three main financial sectors. Combining 
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of prudential supervision whereas the other supervises markets and conduct of 
business. This is the supervisory structure followed in Belgium, France, the Neth- 
erlands, or Portugal.” Among these, it is worth to refer expressly to the Netherlands 
regime. Differences arise there not only from the twin peaks supervisory model 
(adopted already in 2002), but also from the particular approach taken in the 
implementation of the CRD IV. The Dutch Act on Remuneration Policies of 
Financial Undertakings, February 2015 (Wet beloningsbeleid financiële 
ondernemingen), looking for the above-mentioned cross-sectoral supervisory legis- 
lation approach, broadened the scope of the Directive extending its provisions to all 
financial undertakings, including banks, insurers, investment firms, payment ser- 
vices providers, or premium pensions institutions. The Dutch case is also unique 
because the Legislator also carried out some ‘gold-plating’ amendments when 
transposing the remuneration requirements of the CRD IV. As key measures in 
this respect one can refer briefly to the bonus ceiling of 20% of the fixed salary of the 
employee—much more restricted than in the original European provision—the 
severance payment ceiling of one year’s salary of directors, or the express inclusion 
of bonus clawback if circumstances require so.” 

Even when a complete revision of the supervisory model would be neither 
possible nor appropriate now at the European level, one cannot ignore that this is 
the direction of any long-term evolution of the supervisory structures in the financial 
sector. 


4 Implementation of European Provisions: Interplay 
with National Corporate Law 


As pointed out in the introduction of this chapter, the application of the analysed 
special rules to insurance undertakings does not prevent these undertakings from 
being subject to general directives in corporate governance and to the company law 
of their country of origin. 

In this respect, it must be distinguished between non-listed undertakings and 
those with shares admitted to trading on regulated markets on the one hand. On the 
other hand, differences arise from the varied board structures and what is considered 


banking and insurance supervisory issues in the same Authority could result in more effective 
supervision of financial conglomerates and contribute to a simplification of the current extremely 
complex institutional landscape). 

?8 A deeper analysis of the differences in the supervision structures of each Member state can be 
found in: Schoenmaker and Véron (2017), p. 1 et seq. The text of this policy contribution will be 
published as a chapter of Godwin and Schmulow (2021). 


For a deeper analysis, see Van Loopik and Ter Haar (2016), p. 389. 
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as key staff of the undertakings and the legal regime applicable to them at national 
level.*° 

All this leads frequently to difficulties in determining the scope and application of 
provisions contained in the above-mentioned insurance industry specific rules on 
remuneration policies. 

As will be shown, national provisions also entail differences in the way in which 
remuneration principles of the Regulation and provisions of EIOPA’s Opinion have 
been implemented (beyond what have been already exposed about supervisory 
models in the different Member States). 


4.1 Listed Insurance Companies 


Insurance undertakings with shares admitted to trading on a regulated market are 
subject to Directive (EU) 2017/828 of the European Parliament and of the Council of 
17 May 2017, amending Directive 2007/36/EC as regards the encouragement of 
long-term shareholder engagement. 

Approval of the general remuneration policy by the AMSB body of the under- 
taking as required in Article 35.5 of the Solvency II Directive must be completed 
here with the vote of the policy at the general meeting as regards directors’ 
remuneration. This vote is in principle binding, but Member States may provide 
for it to be merely advisory. In any case, submission to vote must be done at every 
material change and at least every four years (Article 9a of Directive (UE) 2017/ 
828). 

Difference is therefore significant and requires clarification of who should be 
considered directors, in order to submit their remuneration policy to the prior 
approval or control by the general meeting. According to Article 2.i) Directive 
(UE) 2017/828 ‘director’ means: (i) any member of the AMSB of a company; 
(ii) where they are not members of the AMSB of a company, the chief executive 
officer and, if such function exists in a company, the deputy chief executive officer;*! 
and (iii) where so determined by a Member State, other persons who perform 
functions similar to those performed under point (i) or (ii). 

Again, there is room for national interpretation and, as will be shown, supervisory 
criteria and legal provisions show significant differences in this respect. 


30 As Recital 28 of Directive (UE) 2017/828 points out. 


31 Tf CEOs are named among the members of the AMSB, they remain considered as directors, but 
under point (i) of the classification. 
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4.2 National Corporate Law and Implementation 
Measurements of the Specific Insurance Provisions 
Towards Remuneration 


The remuneration policy must apply to the undertaking as a whole but include 
specific provisions considering the tasks and performance of the AMSB, persons 
who effectively run the undertaking or have other key functions, and other categories 
of staff whose professional activities have a material impact on the undertakings’ 
risk profile (Article 275.1.c) Solvency II Directive). Further, provisions included in 
the EIOPA’s Opinion apply only to AMSB members, other executive persons who 
effectively run the undertaking, key function holders and other categories of staff 
whose professional activities have a material impact on the undertakings’ risk 
profile. 

The application of these general rules to the corporate structure of each under- 
taking usually poses many questions about their scope and their application (or not) 
to some functions and individuals and receives frequently attention in guidelines 
prepared by the national supervisory authorities with quite different approaches in 
each case. 

On the following paragraphs the chapter analyses the legal regime and criteria of 
some of the European Member States with more particularities in this respect, 
pointing out the differences among them. As one can observed, there are many 
aspects in which the supervision and the corporate governance requirements vary 
notably among Member States, with all the potential risk and legal uncertainty that 
this situation entails. 


4.2.1 Belgium 


Generally, Belgium allows both the monistic and the dualistic system of board 
structure (Article 7:85 et seq. of the Code des sociétés et des associations’). 
According to the first one, le conseil d'administration can carry out all acts needed 
for the fulfilling of the company purpose. Following a dualistic system, board is 
organized in two bodies: le conseil d’surveillance and le conseil de direction. Here, 
le conseil de surveillance develops the general policies and the strategy of the 
company, and the daily management belongs to le comité de direction. 

Compared to the general rule, according to the Belgian Insurance Supervision 
Act,” insurance undertakings must use a special dualist model with two bodies: le 
conseil d'administration and le comité de direction with two main differences with 
the general dualistic system. On the one hand, powers of le comité de direction arise 


3Loi du 23 mars 2019 introduisant le Code des sociétés et des associations et portant des 
dispositions diverses (M.B. 4 abril 2019, pp. 33239 et seq.). 


33Loi du 13 mars 2016 relative au statut et au contrôle des entreprises d’assurance et de réassurance. 
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from a delegation of le conseil d’administration. On the other hand, at least three 
members of the comité are also members of le conseil d’adminsitration (in the pure 
dualistic models both bodies have completely different members).** 

In this case, according to the Circulaire 2016_31 relative aux attentes 
prudentielles de la Banque nationale de Belgique en matiére de systéme de 
gouvernance pour le secteur de l’assurance et de la réassurance (version révisée 
en mai 2020)” (point 8.1), both bodies, the supervisory and the management one, 
are subject to the provisions of the EU Regulation and the EIOPA’s opinion. 

Apart from listed companies, remuneration policies of insurance undertakings do 
not have to be submitted to the general meeting except in cases when that policy 
includes a notice period and a severance pay for non-executive members of le conseil 
d’administration (point 8.2 Circulaire, and its footnote 42). 

The Belgian system entails very detailed provisions on insurance corporate 
governance supervision. The Circulaire embraces all proposals included in the 
EIOPA’s Opinion and converses most of them into binding provisions requiring 
the undertakings for explanation to the supervisor (The National Bank of Belgium) 
when they do not comply with the provided benchmarks. 


4.2.2 Germany 


Remuneration policies of insurance undertakings are covered here by the 
Aktiengesetz (the German company law, mainly in Articles 87 and 113) and the 
Versicherungsaufsichtsgesetz (the insurance supervision law, mainly in Articles 
33 and 189). 

The governance structure is dualistic for all kinds of companies—included 
insurance undertakings—and is split into two bodies: Aufsichtsrat (supervisory 
board) and Vorstand (management board), whose members are completely different 
from each other. 

While remuneration of the Aufsichtsrat must be included in the by-laws or 
approved by the general meeting, that of the Vorstand needs only the Aufsichtsrat’s 
approval. 

Regarding insurance companies, the German Supervisor (BaFin*°) has published 
two resolutions: The Decision Aspekte der Vergiitung (Art. 275 DVO (EU) 2015/ 
35), and the Circular 2/2017.°° According to those provisions, even when remu- 
neration principles included in the Delegated Regulation (EU) 2015/35 shall apply to 
the undertaking as a whole, restrictions considered in Article 275 of the Regulation 


34 Strypstein (2020), p. 59 et seq. 

5 Vid. Chhor (2020), p. 165 et seq. 

36 Bundesanstalt fiir Finanzdienstleistungsaufischt. 
37VA 52-1 2510-2016/0006, 20 December 2016. 


38Rundschreiben 2/2017 (VA)-Mindestanforderungen an die Geschiiftsorganisation von 
Versicherungsunternehmen (MaGo), 25 Januar 2017. 
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and provisions included in the EIOPA’s Opinion only get development with respect 
to the members of the management board, persons who run the undertaking or have 
other key functions, or other categories of staff whose professional activities have a 
material impact on the undertaking’s risk profile. Considering that the Regulation 
refers to the administrative, management or supervisory body and that the Opinion 
focuses on the AMSB members and other executive directors, one can understand 
that both, supervisory and management boards in case they are split should be 
subjected to those provisions.” It must be considered that according to point G-18 
of the German Corporate Governance Code*® supervisory board remuneration 
should be fixed remuneration (in that case, provisions included in EIOPA’s Opinion 
would not have impact in such policies). Nevertheless, it is only a recommendation 
and only applicable to listed companies, and in any case, it also bears the possibility 
of providing performance-related remuneration (thus, variable) to the members of 
the supervisory board (if so, that component should be geared to the long-term 
development of the company). 

The German provisions towards insurance undertakings remuneration are other- 
wise very complete and include specific benchmarks regarding some of the princi- 
ples included in the EU Delegated Regulation. With respect to the sufficiently high 
proportion of the total remuneration the BaFin’s Decision recommends a minimum 
percentage of 40 for staff under the Vorstand, and a minimum of 60% in the case of 
members of that management board. Even when those provisions were foreseen in 
2019, before EIOPA’s Opinion, there is no contradiction in this respect considering 
that the Opinion allows supervisors to raise that threshold. 


4.2.3 Italy 


Remuneration provisions for insurance companies are found in the Codice Civile" 
(the Italian Civil Code, where these questions are addressed in Articles 2325 et seq.) 
and the Codice delle assicurazioni private” (the Insurance Code), and two resolu- 
tions of the Italian insurance supervisor, the IVASS:**: the Regulation 38/2018 of 
3 July“ and the Letter to the Market of 5 July 2018.*° 


3°Tn this same direction vid. Scheid] (2019), p. 67. 


ay Corporate Governance Kodex, Regierungskommission Deutscher Corporate Governance Kodex, 
version of 16 December 2019. 


“Royal Decree 16 March 1942, n°262, last updated with the Legislative Decree of 16 July 2020, 
n°76, and the Legislative Decree of 8 April 2020, n° 23, transformed in Law of 5 July 2020, n°40. 


4 Legislative Decree of 7 September 2005 n° 209, last updated with Legislative Decree of 17 March 
2020, n° 18. 


43 Istituto per la Vigilanza sulle Assicurazioni. 
4 Regolamento IVASS n. 38 del 3 luglio 2018. 
4ST ettera al Mercato, 5 luglio 2018. 
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Insurance undertakings can adopt here the three governance systems admitted in 
the Civil Code since 2003:*° traditional, monistic, and dualistic. Among these, in the 
insurance sector, one finds mainly the traditional and the dualistic structures. 
According to the first one, there are two bodies in charge of the management and 
the supervision respectively: the consiglio d’amministrazione and the collegio 
sindicale (2380 Codice Civile). The general meeting chooses the members of both 
and fixes their remuneration. The management body can appoint delegated members 
or establish an executive committee. 

According to the dualistic model (2409 bis Codice Civile), the governance 
structure is organized in a supervisory and a management board, but in this case 
the general meeting nominates only the members of the supervisory one (consiglio di 
sorveglianza) and is this body who chooses the components of the management 
board (consiglio di gestion). Pursuant to the general provisions of the Civil Code, the 
general meeting only decides the remuneration of the supervisory board. Under this 
structure, there is room for the designation of delegated members of the management 
board, but not for an executive committee. 

On insurance undertakings, the IVASS Regulation (Articles 39 et seq.) follows 
the general regime and allows both systems, traditional and dualistic. The general 
meeting determines the retribution of the members of the bodies designed by it 
(consiglio d’amministrazione and collegio sindacale in the traditional model, and 
consiglio di sorveglianza in the dualistic one) and approves the remuneration policy 
prepared by the consiglio di sorveglianza for the management board (consiglio di 
gestion). Hence, the general meeting has a say in any case. 

The remuneration of the supervisory boards—collegio sindacale and consiglio di 
sorveglianza—is limited in its variable components, and it shall not include com- 
pensation linked to results or based on financial instruments. 

The Italian Supervisor establishes three governance systems (rafforzato, 
ordinario and semplificato) for insurance undertakings depending mainly on the 
level of life technical provisions and non-life insurance premiums. The Supervisor 
only envisages specific provisions developing remuneration principles of the EU 
Regulation in companies which require the reinforced—rafforzato—system (those 
with life technical provisions over 10 billion € or non-life premiums over 1 billion €). 
In that case, where Article 275 EU Regulation its applied, 50% of the variable 
component of the remuneration should consist of shares or other connected instru- 
ments,” and 40% of the total variable amount should be deferred not less than 3—5 
years. If the proportion of variable components of the whole remuneration is 
especially high, then not less than the 60% of it should be deferred. 

As shown, these limits do not apply when the governance system of the under- 
taking is ordinary or simplified, i.e. it does not come into play for companies with 
levels of technical provisions of 10 billion or less, or non-life premiums of one 


46 Vid. Indagine conoscitiva: La Corporate Governance di Banche e Compagnie di Assicurazioni — 
IC36, Autorità garante della concorrenza e del mercato, Roma, 2009. 


47 A new parameter not required at a European level. 
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billion or less. In these cases, provisions of the EU regulation and the EIOPA’s 
opinion apply with no further interpretation. 


4.2.4 Spain 


The Spanish corporate law** follows a monistic system in the configuration of the 
governance structure of companies, and the situation remains unchanged when it 
comes to insurance undertakings. 

In the governance structure, next to the general meeting one only finds another 
body: the consejo de administración (management board) whose members are 
appointed by the general meeting. The consejo itself can name one or several 
delegated executive administrators or appoint an executive committee. In that case, 
the consejo plays a supervisory role, even though there are some competences that 
cannot be subject of delegation (Article 249 bis TRLSC). 

Over the last years, authors and case-law have argued about the scope of the 
power of the general meeting on remuneration of the consejo de administración. In 
particular, the terms used by the national legislator in Articles 216 et seq. have given 
rise to doubts about the competence of the general meeting for determining not only 
the remuneration of the consejo de administracion itself, but also the compensations 
owed to the executive delegates or to the members of the executive commission.*” In 
this respect, in the last two years, the Supreme Court (Ruling 494/2018°°) and the 
Central Economic-Administrative Court (Resolution 3156/2019°') have solved the 
question considering that the powers of the general meeting on the remuneration of 
the consejo de administración must also reach the remuneration of the executive 
delegated members and of the members of the executive committee. 

The Spanish insurance supervisor (DGSFP””) has reproduced?’ the orientations 
of EIOPA with no gold-plating measures and leaving, therefore, a wide margin for 
insurance undertakings to establish their policies. 


48 Real Decreto Legislativo 1/2010, de 2 de julio, por el que se aprueba el texto refundido de la Ley 
de Sociedades de Capital (TRLSC). 

In favour of that broader scope, as the most representative work vid. Fernandez Del Pozo (2015), 
pp. 199-248. Against this extended interpretation, among others, vid. Paz-Ares (2018), full issue. 
50 Sentencia del Tribunal Supremo 494/2018, de 26 de febrero, Roj: STS 494/2018 - ECLI: ES: 
TS:2018:494. 

5l Resolución del Tribunal Econémico-Administrativo Central, de 17 de julio de 2020, R.G. 3156/ 
2019. 


52D: anid F 
Dirección General de Seguros y Fondos de Pensiones. 


Nota en relación con la aplicación de la Opinión y de las recomendaciones de la Autoridad 
Europea de Seguros y Pensiones de jubilación sobre las políticas de remuneración variable, DGSFP, 
30 de junio de 2020. 
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5 Conclusion 


The legal treatment of remuneration policies and practices in the insurance sector 
received attention of the European Legislator years later than in the banking sector 
and only, so far, through second level provisions in the Lamfalussy scheme. The 
remuneration principles appear in the Commission Delegated Regulation (EU) 2015/ 
35, but no changes in the Solvency II Directive have been made with this aim. 

As a short-term way for improvement of the insurance sector regime, an amend- 
ment of the text of the Solvency II Directive should be made as soon as possible, 
with inclusion of an express reference to most of the remuneration principles laid out 
now in Regulation 2015/35, in order to give consistency and clarity to the supervi- 
sory legal framework. 

The use of a non-compulsory instrument to develop the remuneration principles 
as is the case of the EIOPA’s Opinion on the supervision of remuneration principles 
in the insurance and reinsurance sector does not appear to be the most appropriate 
solution, especially when there are no first level provisions in this respect. Following 
the better constructed structure of the remuneration provisions in the banking sector 
would certainly solve much of the problems arisen from the inadequate insurance 
scheme. 

As a forward-looking approach, considering that in the last decades the bound- 
aries between banking, insurance and securities have become increasingly blurred, it 
should be questioned if there is still a point in having completely separate provisions 
for the banking and the insurance sector and if there would be convenient to evolve 
to a greater convergence in the financial supervision regulation, with hardly any 
difference between financial sub-sectors or, at least, with more similar schemes. As 
Larosiére Report pointed out in 2009, it could also be desirable to change the 
European sectoral supervisory model to a twin peaks model because this is not a 
short-term evolution but a far future possible orientation of the supervisory structures 
in Europe. 

In addition to problems resulting from the inadequate structure of the remuner- 
ation provisions at European level, the insurance market shows a complex situation 
regarding remuneration policies, arising mainly from two factors: on the one hand, 
the European insurance industry presents a wide range of organisational structures 
and business models, especially regarding size and risk profile. These differences 
demand a flexible application of the rules and, in some cases, the taking into account 
of the proportionality principle. On the other hand, the application of these special 
rules to insurance undertakings does not prevent these undertakings from also being 
subject to the company law of their country of origin. It is a known fact that the 
structure of the governing bodies of the companies and the legal regime applicable to 
them vary greatly between Member States, which makes it more difficult to deter- 
mine the scope and application of provisions contained in the above-mentioned 
insurance industry specific rules on remuneration policies. Even when the aim is not 
the full harmonisation, the truth is that there are very deep differences between 
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national regimes, in particular, relating aspects like the power of the general meeting 
to approve directors’ remuneration policies. 

The current supervisory system on remuneration policies and practices in the 
insurance sector shows, in short, many areas for improvement, as previously shown 
in this chapter. 
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Corporate Governance Standards A 
for Insurers in Singapore gast 


Christopher Chen 


Abstract This chapter examines the corporate governance regime for insurers in 
Singapore. Singapore aims to be a global hub for insurance and reinsurance in the 
Asia Pacific region, and as an international financial centre it currently hosts a 
mixture of local and international insurers and reinsurers serving different market 
sectors. However, the domestic insurance market is small, and insurers registered in 
Singapore come from many countries and provide products and services to many 
businesses and individuals outside the city-state. This presents challenges to the sole 
financial regulator, the Monetary Authority of Singapore (MAS), in implementing 
and enforcing corporate governance standards on various (re)insurers, many of 
which are part of larger overseas insurance groups. What should be the way to 
impose corporate governance standards on various types of (re)insurers? This 
chapter addresses these questions in the context of Singapore. The general regulatory 
concerns over corporate governance standards and Singapore’s corporate gover- 
nance regimes for insurers are first introduced. Specific corporate governance issues 
are then examined, including the implementation of standards for non-domestic 
insurers or a branch or subsidiary of a larger insurance group from overseas, and 
the governance of captive insurers and reinsurers. Singapore’s approach is then 
discussed and the effectiveness of corporate governance regulations for insurers is 
assessed. Empirical evidence is presented when data are available. 


1 Introduction: Unique Challenges to Singapore 


Corporate governance is an important tool for effectively regulating insurers and 
insurance intermediaries. In this chapter, Singapore’s corporate governance regime 
for insurers is examined. In particular, this chapter examines corporate governance 
of insurers from the perspective of regulatory compliance in addition to the need to 
control of agency costs. The rules are examined in the context of Singapore as an 
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international financial hub with multiple tiers of insurers and reinsurers serving 
different market segments. 

First, like many financial businesses, insurance companies may suffer from 
agency problems.' In a principal-agent relationship, managers (i.e. agents) of an 
insurance company may not pursue the best interest of the company and its share- 
holders (i.e. the principal). This is the so-called agency problem that implies that 
companies might incur some costs to monitor the management. Those costs are 
generally considered ‘agency costs’.” As is the case for listed companies in the stock 
market, corporate governance aims at to improve management quality and reduce 
‘tunnelling’.* 

Second, insurers are, like banks, heavily regulated as they collect large sums 
(as premiums) from customers to provide insurance and thus have much influence on 
the financial market. Therefore, they must be governed properly through appropriate 
corporate governance. As Sect. 2 below demonstrates, the board and senior man- 
agement are expected to play significant roles in complying with the various 
regulatory requirements. Thus, corporate governance in insurers’ regulatory com- 
pliance should be examined. 

Hence, one argues that ‘the effectiveness of insurer governance should also 
include a reduction in governance risk and compliance risks. . ”* However, the 
role of corporate governance in addressing agency costs and regulatory compliance 
for insurance companies requires further investigation. What corporate governance 
standards are appropriate for insurers? In particular, this chapter considers whether 
the corporate governance tools used for listed companies in the stock market can be 
applied, and if they are suitable for achieving better regulatory compliance. 

Singapore is selected as a case study for investigating the corporate governance of 
insurers, as it presents some unique challenges. As a city-state, the domestic market 
for life and general insurance is limited to a population of about six million. 
Singapore’s advantages, in terms of being a financial centre and insurance hub, 
mainly benefit reinsurance and non-retail insurance offerings.” Only a few large 
domestic direct insurers operate in the competitive market of Singapore. In contrast, 
many foreign insurers have offices, branches or subsidiaries in Singapore that 
underwrite or provide negotiable insurance coverage, for risks incurred not only in 
Singapore but also regionally or globally. Many captive insurers are also registered 
in the city. 


! See Jensen and Meckling (1976), p. 305. 

?Jensen and Meckling (1976), p. 308. 

3In general, tunnelling refers to the ‘transfer of assets and profits out of firms for the benefit of those 
who control them’. Johnson et al. (2000), p. 22. 

‘Li et al. (2017), p. 3. 

> «Singapore as a Global Insurance Marketplace’-—Keynote Address by Mr Ravi Menon, Managing 
Director, Monetary Authority of Singapore, at the 12th Singapore International Reinsurance 
Conference on 6 November 2013, retrieved from the website of Monetary Authority of Singapore 


https://www.mas.gov.sg/news/speeches/2013/singapore-as-a-global-insurance-marketplace (last 
accessed on 20 July 2020). 
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These features of the Singapore market raise further questions. What are the 
optimal corporate governance regimes, considering the various types of insurers in 
the market? Some may be extremely concerned about agency costs, but others may 
not. The effects of corporate governance on regulatory compliance may also vary 
depending on the size and nature of the business. Thus, is the current approach 
sufficient to address the demand for regulatory compliance? If not, what should the 
regulatory approach be? Ensuring regulations are effective but that foreign insurers 
with limited involvement in the domestic market are not over-burdened is a delicate 
balancing act for regulators when aiming to make Singapore a global insurance hub. 

In Sect. 2 of this chapter, the function of good corporate governance in addressing 
agency problems and in regulatory compliance will be examined, with Singapore 
law used as examples of the latter. The corporate governance rules for insurers issued 
by the Monetary Authority of Singapore (MAS), the single financial regulator in the 
market, are then introduced. Based on the discussion in Sect. 2, Sect. 3 will first offer 
empirical evidence in the form of corporate governance statistics on selected insurers 
in Singapore. We then examine Singapore’s approach to corporate governance 
standards for insurers and the effectiveness of corporate governance rules in pro- 
moting regulatory compliance. Section 4 concludes the chapter. 


2 Corporate Governance Regimes for Insurers 
in Singapore: The Two Perspectives 


Why does corporate governance matter? In this part, key areas in which the board 
and/or senior management are expected to play important roles in ensuring regula- 
tory compliance are identified. The key corporate governance standards under 
Singapore law are then introduced. 


2.1 Corporate Governance and Agency Costs for Insurers 


Many studies have examined the rationale of good corporate governance and its 
effect on the proper management of a company, along with its role in reducing 
agency costs, by focusing on firms listed for trading on the stock market. Insurance 
companies also suffer from the agency problem. 

A phenomenon recognised in modern corporations is the separation of ownership 
from control. The management of a company does not necessarily consist of 
shareholders (i.e. equity owners). Thus, the agency problem arises. The agents 
(management) may not be motivated to effectively manage the company, as their 
incentives are capped by their remuneration. Managers may also divert company 


Berle and Means (1932). 
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resources to their own pockets. This is referred to as ‘tunnelling’.’ In both instances, 
the agent’s conduct may not serve the best interests of the company (i.e. the 
principal). Hence, agency problem may arise. A company may incur some monitor- 
ing costs to control the agent’s conduct, thus reducing the efficiency of the 
organisation.® 

The severity of the agency problem for insurance companies can depend on many 
factors. The ownership structure of an insurer can affect the degree of separation and 
control. Insurance companies that are publicly listed for trading on stock exchanges 
(e.g. Prudential in London or AJA in Hong Kong) may have thousands of investors 
and shareholders (often throughout the world), who can be individual or institutional 
investors (e.g. private equity funds). These firms exhibit a high degree of separation 
between ownership and control, and thus may incur higher agency costs. Other 
insurers are wholly owned by a parent holding company (e.g. HSBC Insurance 
(Singapore) Pte Ltd as part of the HSBC group). These firms have only one ultimate 
owner, and senior managers are most likely not shareholders. Some may not even 
have a controlling shareholder (i.e. widely held firms).? Thus, the interactions 
between the management and the owner differ from those in a publicly traded 
company. These subsidiaries may well incur agency costs and the management 
may not serve the best interests of the shareholders, but the severity of the costs 
and the effectiveness of ownership control will differ from those of an insurer listed 
for trading. Thus, while most insurers will incur some agency costs, the extent will 
depend on the ownership and management structure. 

Corporate governance for insurers thus has an important function, as it can 
improve management performance through requirements regarding board and senior 
management remuneration, and reduce tunnelling through board independence and 
auditing requirements.'° The same is also true for pension funds.'! 


2.2 Corporate Governance and Regulatory Compliance 


Corporate governance is also an important regulatory tool as it can ensure good 
regulatory compliance by insurers. The argument that ‘[a] risk management function 
that has an independent, autonomous, and credible status in a firm with unalloyed 


7See above n 3. 

8Jensen and Meckling (1976), p. 308. 

°For example, the largest shareholder of Prudential plc, one of the largest insurers in the UK, held 
barely more than 5% of voting shares (with the runner-up holding just short of 5%) pursuant to the 
company’s 2019 annual report. See the 2019 annual report of Prudential plc, p. 400, at https://www. 
prudentialplc.com/~/media/Files/P/Prudential-V3/reports/2019/prudential-plc-ar-2019.pdf (last 
accessed 21 July 2020). 

10 See Sect. 2.3 below for a more detailed discussion of Singapore law. 

1 Kowalewski (2012), p. 14. 
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access to the board can limit tail exposure preceding and during a market crisis’ !* is 
obviously persuasive. Strong corporate governance by the senior management and 
the board’s leadership can reduce the risk posed by a siloed risk management 
structure inside a firm.'* Principal-agent conflicts that can undermine the effective- 
ness of risk management may also be reduced by good corporate governance,'* 
which can thus be regarded as essential for full regulatory compliance. In Singapore, 
the regulator clearly recognises the key role of the board, stating that it is the “basic 
tenet of the [regulator’s] risk-based supervisory approach’.'° 

The role of the board in complying with rules and regulations issued by the 
financial regulator, the Monetary Authority of Singapore (MAS), can be illustrated 
through various examples in Singapore law. 

First, the board of directors of an insurer is ultimately responsible for its sound 
and prudent management.'° Singapore largely followed the corporate governance 
principles adopted by the Organization for Economic Cooperation (OECD) that 
largely followed the corporate governance framework developed in the US and 
UK.” In particular, the board of directors play the instrumental role in the gover- 
nance and management structure of company. The board should therefore supervise 
the senior management of an insurer. The board is thus central to establishing the 
policies, procedures and processes of internal controls. '* ‘The internal audit function 
should also have appropriate independence with reporting lines to the institution’s 
Board or to an audit committee of the Board (the “Audit Committee”)’.'° The board 
of directors, especially independent directors, also play a key role in vetting related 
party transactions.”° 

Second, the board has a supervisory role in prudential regulation compliance. For 
example, when calculating their risk-based capital, the board and the senior man- 
agement should oversee the governance and the use of the internal credit rating 
process for unrated debt securities”! or investments containing non-linear payouts.” 
Reporting regularly to the board and senior management should be a requirement.” 


Dill (2019), p. 168. 

'SDill (2019), pp. 167-168. 

14Dill (2019), pp. 168-169. 

ISMAS, Guidelines on Corporate Governance, para. [7]. 

'CMAS, Guidelines on Risk Management Practices for Insurance Business, para 2.2.2. 
17 Chen et al. (2018), p. 988. 

'SMAS, Guidelines on Risk Management Practices — Internal Controls, para 1.1.2. 
'°MAS, Guidelines on Risk Management Practices — Internal Controls, para 2.6.2. 

20 See Enriques et al. (2009). 


1M AS, Notice on Valuation and Capital Framework for Insurers (Notice 133), Annex 4E para 1 & 
2: 

2M AS, Guidelines on Use of Internal Models for Liability and Capital Requirements for Life 
Insurance Products Containing Investment Guarantees with Non-Linear Payouts (ID 01/13), para 
2.3.1 & 3.1.4. 
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In terms of investment decisions, the board of directors has the duty to approve and 
review the investment policy of an insurer,’ and to conduct additional oversight to 
ensure that the interests and rights of policy owners are not compromised.” An 
appointed actuary should provide written recommendations for the allocation of 
insurance funds” to the board, and alert board members about any issues that need 
attention.’ This can help the board and senior management make appropriate 
management decisions. In terms of reinsurance management, the board should also 
ensure there is a sound and prudent reinsurance management strategy in addition to 
operational policies.” 

The board is also ultimately responsible for approving risk management strategies 
and policies concerning insurers’ core insurance activities” and their ‘own risk and 
solvency assessment’ (ORSA).°° The board should also oversee an insurer’s tech- 
nology risk management through a sound and robust framework,” be involved in 
key IT decisions? and regularly review the fraud management strategy.** 
Maintaining effective oversight and governance of outsourcing arrangements is 
also under the board’s remit.” 

Third, the board also has responsibility for ensuring that the business complies 
with business conduct regulations. Under Singapore law, ‘[a]n institution should 
have clear written policies, approved by the Board or senior management, on issues 
relating to dealings with customers and risk disclosures’.*° For a financial adviser, an 
insurer or insurance broker recommends new life insurance products to customers, 
and each member of the board is expected to be personally satisfied that the product 
is suitable for the target customer segment.” 

The board and senior management are responsible for setting the right tone when 
conducting marketing and distribution activities for customers, ensuring these 
activities are responsible and professional?” and that safeguards required by law 


?4MAS, Notice on Investment of Insurers (Notice 125), para 8, 12 and 18. 
?5MAS, Notice on Investment of Insurers (Notice 125), para 8. 

26 Insurance (Actuaries) Regulations reg 7(1). 

? Insurance (Actuaries) Regulations reg 10(1). 

28 MAS, Reinsurance Management (Notice 114), para 7 & 9. 


?°MAS, Guidelines on Risk Management Practices for Insurance Business, para 2.2.2; MAS, 
Guidelines on Risk Management Practices — Market Risk, para 3.1.1. 


3°MAS, Guidance on Insurers’ Own Risk and Solvency Assessments, para 3.1; MAS, Enterprise 
Risk Management (“ERM”) for Insurers (Notice 126), para 33. 


3!MAS, Technology Risk Management Guidelines, para 3.0.2 and 3.1.1. 

3? MAS, Technology Risk Management Guidelines, para 3.1.1. 
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34MAS, Guidelines on Outsourcing, para 5.2. 
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37M AS, Guidelines on Standards of Conduct for Marketing and Distribution Activities, para 1.1. 
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(e.g. call-backs or mystery shopping) are incorporated into the relevant policies and 
processes.” 

Finally, the board has various administrative duties. For example, the directors 
must sign off the annual returns submitted to the MAS.*° The board has the 
responsibility to ensure that sound risk management and controls are in place in 
terms of anti-money laundering and the countering of financing of terrorism (AML 
\CFT) practices.*° The quality of board and senior management oversight is an 
important assessment benchmark.*! 

The boards of insurers are expected to shoulder far more responsibility than those 
of non-financial institutions. Thus, good corporate governance should directly affect 
how the board and senior management can fulfil their roles in terms of regulatory 
compliance. Strengthening the corporate governance standards of insurers thus 
represents an important regulatory tool that is central to insurance regulations. 


2.3 Corporate Governance Standards for Insurers Under 
Singapore Law 


As in the general corporate governance regimes of listed companies, the indepen- 
dence of the board, the separation of the role of the chairman and the chief executive 
officer and the creation of sub-committees at the board level all help to improve and 
ensure standards of corporate governance. Regulators also control the appointment 
of key positions in insurance firms. Good corporate governance may be a condition 
for acquiring a licence as an insurer or reinsurer, which can include ensuring that ‘fit 
and proper’ criteria are satisfied. 

Corporate governance standards for insurers in Singapore are mainly regulated by 
the Insurance (Corporate Governance) Regulations 2013 (ICGR), first published in 
April 2013, and only amended once in 2018. The ICGR generally follows the 
corporate governance mechanisms stated in the Code of Corporate Governance 
(the ‘Code’) issued by the Monetary Authority of Singapore (MAS) for listed 
companies in the Singapore Exchange (SGX). However, the Code is to some extent 
modified in the ICGR. 

First, the ICGR applies different standards depending on the size of the insurer. 
Larger firms are subject to a higher degree of regulation. The ICGR divides insurers 
into Tier 1 and Tier 2 insurers. A direct life insurer in Tier 1 has a minimum of S$5 
million in total assets, while a direct general insurer has a minimum of $$500 million 


38MAS, Guidelines on Standards of Conduct for Marketing and Distribution Activities, para 1.2. 
3°. g. Insurance (Approved Marine, Aviation and Transit Insurers) Regulations, Second Schedule; 
Insurance (Authorised Reinsurers) Regulations reg 9. 
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41 MAS, Guidelines to MAS Notice 314 on Prevention of Money Laundering and Countering the 
Financing of Terrorism, para 1-3. 
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(about US$ 360 million),** unless otherwise approved by the MAS.** Tier 2 insurers 
include all those not in Tier 1. 

Second, regardless of the type of insurer, the independence of the board of 
directors represents the essential corporate governance regime. In principle, a Tier 
1 insurer should have a majority of directors who are independent, but the threshold 
for a Tier 2 insurer is one third of the board.“ However, where a Tier 1 insurer has a 
single shareholder who holds 50% or more of the share capital or voting power 
(i.e. has majority control), it only needs more than one-third of the board to be 
independent, but the majority of the board must be independent from management 
and business relationships (although not from substantial shareholders).*° In this 
situation, in which a single shareholder has majority control, failing to meet the 
minimum standards may result in criminal sanctions.*° Compliance with the ICGR is 
therefore mandatory rather than in the form of ‘comply or explain’, as is the case for 
the general Code of Corporate Governance.*’ 

An independent director is not involved in any management and business rela- 
tionship with the insurer or any substantial shareholder of the insurer, and has served 
on the board for less than nine years.’ In addition, neither the director nor his 
immediate family can have any management or business relationships with the 
insurer’s subsidiaries.’ Independence from the substantial shareholders also 
means that a director cannot be a substantial shareholder (who holds at least 5% of 
the insurer’s shares) or be connected to a substantial shareholder (such as through 
employment or as an executive).°° 

Third, the ICGR also requires the separation of the roles of the chairman of the 
board and executives.°' This represents an attempt to avoid the situation of 
chairman-chief executive officer (CEO) duality, in which the same person is the 
chairman and the top executive. Separating the roles should mean that the board is 
more likely to be effective in monitoring senior management and making proper 
decisions. The rule also means that the chairman of an insurer must be a 
non-executive (although not necessarily independent) director, as the chairman 
cannot be an executive director. 

Fourth, specialised board committees can strengthen corporate governance. A 
Tier 1 insurer is required to have more committees at the board level, such as 


“CGR Reg 4(1)(a). 

43TCGR Reg 4(3). 

“ICGR Reg 6(1). 

“SICGR Reg 5(2). 

4°1CGR Reg 5(6) to (8). 
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nominating, remuneration, audit and risk management committees.>* Tier 1 insurers 
can also have an executive committee, again subject to the independence stan- 
dards.” However, the requirement to have nominating, remuneration and risk 
management committees may be waived if the insurer is a subsidiary of a bank or 
another insurer whose board performs the function of these committees, subject to 
the notification of the regulator.°** 

These committees (other than the executive committee) should comprise at least 
three directors. A majority of the members of the nominating, remuneration and 
audit committees must be independent directors.* Board independence is thus also 
enforced at the committee level. The audit committee must include at least three 
directors who have no management and business relationships with the Tier 
1 insurer.” However, the requirement is lower for risk management committees, 
in which a majority of members must be non-executive directors (who may or may 
not be independent).°’ Members of these committees require unfettered access to the 
firm’s information so that they can do their jobs effectively.>* 

The responsibilities of the nominating committee are to nominate and review 
directors and the principal officer, actuary, chief financial officer and chief risk 
officer.” The primary function of the remuneration committee is to recommend a 
framework to determine the remuneration (including bonuses) of directors and 
executive officers of Tier 1 insurers.°° The audit committee oversees internal and 
external audits and accounts, which can include related party transactions.’ The risk 
management committee is responsible for an enterprise-wide independent risk 
management system and for monitoring its effectiveness.” 

The standards are more relaxed for a Tier 2 insurer. The functions of 
the abovementioned committees are mainly delegated to the board of directors.°° 
The board of a Tier 2 insurer can of course delegate to a sub-committee, although the 
ICGR does not make this mandatory. 

Fifth, as is common in financial institutions, the appointment of nominated 
committee members, the chief financial officer and the chief risk officer must be 
approved by the MAS beforehand.” This is in addition to the general rule that an 


>7ICGR Reg 10(1). 
S3ICGR Reg 9. 
S4ICGR Reg 10(3). 
SICGR Reg 11(1) and 16(1). 
S°ICGR Reg 17(1). 
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insurer’s chief executive officer and appointed actuaries must be approved by the 
MAS before their appointment.°° An insurer should ensure that its board assesses 
whether any directors or key executives have any conflicts of interest that prevent 
them from discharging their duties before requesting approval from the MAS.°° 

Finally, although not stated in the ICGR, key insurer or insurance broker person- 
nel in Singapore must be deemed ‘fit and proper’. These personnel include the firm’s 
chief executive officer (CEO), directors, approved or certifying actuaries, brokering 
staff, substantial shareholders and anyone with effective control of the insurer.°’ An 
insurer should also have a policy approved by the board to ascertain whether these 
key personnel are fit and proper. 

The three general standards in the ‘fit and proper’ criteria are (a) honesty, integrity 
and reputation; (b) competence and capability; and (c) financial soundness.” These 
are designed to reduce the likelihood of the misuse of funds. The standards are not 
elaborated further in this chapter.’° 

In summary, the key features of corporate governance regimes for insurers under 
Singapore law are as follows. First, the MAS imposes higher standards on larger 
insurers (i.e. the Tier 1 insurers) but the rules are more relaxed for smaller firms. 
Second, the corporate governance standards are mandatory for insurers, rather than 
‘comply or explain’ for listed companies in the stock market. Third, the basic 
requirements include the independence of the board of directors and the creation 
of board committees for larger insurers, thus ensuring the proper appointment of 
board members and senior management. Creating remuneration incentives that align 
personal interests with the firm’s interests, conducting proper audits of the 
company’s accounts and maintaining appropriate risk management strategies are 
also important. The regime is strengthened by the ‘fit and proper’ requirements of 
board of directors. A licensed insurer also has an obligation to disclose ‘key features 
of its corporate governance framework and management controls’’’ to the public, 
thus improving transparency. 


3 Reflection: Challenges to Singapore as an Insurance Hub 


One key question is how the agency cost and regulatory compliance perspectives can 
be reconciled when designing corporate governance regimes for insurers. Regulators 
should also avoid imposing over-burdening costs. This part first examines corporate 
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governance practices of selected insurers in Singapore, based on public information, 
to provide an overview of such practices. Then, the chapter investigates corporate 
governance regime for insurers in Singapore from two perspectives. First, the 
chapter considers whether Singapore’s regulations are sufficiently flexible to meet 
different types of insurance services providers in the Singapore market. Second, the 
chapter assesses the effectiveness of key corporate governance regimes in improving 
the ability of boards to make proper management decisions, supervising senior 
management teams and ensuring compliance with insurance regulation. 


3.1 Corporate Governance Practices of Selected Insurers 
in Singapore 


How do insurers in Singapore respond to the corporate governance regulations 
identified? Market practices must be examined to better understand corporate gov- 
ernance among insurers in Singapore. 

However, extracting precise data for all insurers registered with the MAS is 
extremely difficult. Information on the corporate governance practices of insurers 
registered in Singapore is surprisingly lacking in the public sphere. The annual 
returns submitted by insurers to the regulator” do not contain any information 
regarding the board of directors and senior management. However, many insurers 
are either branches or wholly owned subsidiaries of other firms. They may be 
incorporated as private companies, and thus their information is not required to be 
made in public as their shares are not traded publicly in the stock market. Informa- 
tion for captive insurers is even scarcer, as they are subject to less regulatory 
requirements. Thus, acquiring a full picture of the corporate governance practices 
of all insurers in the market is challenging. 

Table 1 provides limited data from public reports by some insurers in Singapore. 

The list of financial institutions available on the website of the MAS indicates that 
at end of May 2020, there were 17 direct life insurers, 51 general direct insurers and 
8 composite insurers registered in Singapore, in addition to 35 reinsurers (including 
life, general and composite reinsurers) and 77 captive insurers (of all kinds).”? The 
number of direct insurers that can be successfully identified as providing corporate 
governance information in the public sphere from the total (as shown in Table 1) is 
very limited. 

Based on this limited sample of information, we make the following observations. 
First, there is obviously room to improve the transparency of corporate governance 
data, given the importance of corporate governance in terms of agency problems and 
regulatory compliance. The MAS publishes annual returns submitted by insurers on 


”MAS website: https://www.mas.gov.sg/statistics/insurance-statistics/insurance-company-returns 
(last accessed 24 July 2020). 


™See MAS website: https://eservices.mas.gov.sg/fid (last accessed 24 July 2020). 
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Table 1 Corporate governance benchmarks for some direct insurers in Singapore based on their 
latest annual reports 


Number of Number of Chairman- 

Board | independent executive CEO 
Insurer size directors directors duality 
Great Eastern Life Assurance 10 6 1 No 
(2019)* 
NTUC Income Insurance 10 8 0 No 
Cooperative Ltd (2018)° 
Prudential Assurance Company 5 3 2 No 
Singapore Pte Ltd (2019)° 
Tokio Marine Life Insurance 5 3 0 No 
Singapore Ltd (2020)¢ 
SingLife (2020)° 5 2 1 No 
Aviva Ltd (Singapore) (2020)' 5 2 1 No 
China Taiping Insurance (Sin- 3 1 2 No 
gapore) Pte Ltd (2018)° 
Tokio Marine Insurance Pte Ltd | 5 NA 2 No 
(2020)* 
QBE Insurance (Singapore) Pte 5 2 NA No 
Ltd (2020)' 
United Overseas Insurance Ltd 9 4 1 No 
(2019) 
MS First Capital Insurance Ltd 9 NA NA No 
(2020)* 


The table is produced by the author 

See https://www.greateasternlife.com/content/dam/great-eastern/sg/homepage/about-us/investor- 
relations/annual-reports/2019-annual-report.pdf (last accessed 24 July 2020) 

>See https://www.income.com.sg/annual-report/2018/index.html (last accessed 24 July 2020) 
“See https://www.prudential.com.sg/annual-reports (last accessed 24 July 2020) 

“See — https://www.tokiomarine.com/sg/en/about-us/life-insurance/management-team.html (last 
accessed 24 July 2020) 

“See https://singlife.com/about-us/shareholders-and-board-of-directors/ (last accessed 24 July 
2020) 

‘See https://www.aviva.com.sg/en/about-us/corporate-governance/ (last accessed 24 July 2020) 
ESee https://www.sg.cntaiping.com/images/document/08AnnualReports/2018_ 
CNTPAnnualReport.pdf?format=pdf (last accessed 24 July 2020) 

"See https://www.tokiomarine.com/sg/en/about-us/general-insurance/management-team.html (last 
accessed 24 July 2020) 

‘See qbe.com/sg/about-qbe/corporate-governance (last accessed 24 July 2020) 

JSee https://www.uoi.com.sg/uoi/assets/pdfs/annual-report-2019.pdf (last accessed 24 July 2020) 
‘See https://www.msfirstcapital.com.sg/board_directors.html (last accessed 24 July 2020) 


its website, and therefore basic information on the financial conditions of these 
insurers is already in the public space. Further basic information (such as a list of 
board members) on insurers’ corporate governance practices could be disclosed on 
the same platform. If an insurer is already compelled to disclose financial informa- 
tion about its insurance business and funds, it should have no valid grounds to reject 
the disclosure of its basic corporate governance practices. 
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Thus, it is suggested that the regulator request insurers to submit additional 
information about board composition, independence and other critical governance 
benchmarks. Even if an insurer is a wholly owned subsidiary of a parent insurer, 
there are still advantages to improving transparency as it serves many customers in 
the local market. Although concerns over agency costs for such subsidiaries may be 
reduced, the proper management of insurance funds and regulatory compliance can 
still be an issue. 

Second, the companies in the limited sample all appear to generally comply with 
the minimum board independence requirements and the rule against chairman-CEO 
duality. However, one interesting pattern observed in the limited data is that insurers 
that are public companies (e.g. Great Eastern Life or NTUC Income) tend to have 
larger boards and more independent directors than those incorporated as private 
companies (indicating that they are subsidiaries of another financial holding com- 
pany or an overseas insurer). 

The differences in terms of compliance strategies (if the limited data represent the 
whole population of insurers registered in Singapore) are understandable. If an 
insurer is a wholly owned subsidiary of another foreign insurer, the board of the 
subsidiary is likely to have less management power when most important decisions 
are probably determined by the board of the parent company. Thus, there is no need 
for a larger board in the subsidiary insurer in terms of making management deci- 
sions. Large boards also increase operational costs. 

However, insurers that are public companies (sometimes listed for trading on the 
stock exchange) may face more scrutiny from other shareholders and the market. If 
the insurer is not a subsidiary, the board is expected to play a more significant role in 
making management decisions. Thus, it is understandable that they have larger 
boards of directors, and consequently more independent directors. One study in 
2016 has shown that the average number of independent directors on the board of the 
top 50 companies listed in the Singapore Exchange was about 5.7 persons.” The 
number of independent directors in Great Eastern and NTUC Income (the first 
companies in Table 1) are comparable with other large companies listed in 
Singapore’s stock market. 

The question for regulators is to determine the optimal size of the board and the 
level of board independence. Although there may be less concern over agency costs 
if an insurer is a wholly owned subsidiary of a parent insurer, the board must still 
play its role in regulatory compliance. Thus, would a small board serve its purpose in 
terms of regulatory compliance? This question is addressed in the following two 
sections. 


74 Chen (2016), p. 341. 
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3.2 Reflection on the Corporate Governance Standards 


There are pros and cons on how regulators should impose corporate governance 
standards. One common approach is that regulators would apply a uniform approach 
to request insurers to follow certain minimum standards. A uniform approach for the 
corporate governance of insurers has both pros and cons. Uniformity may facilitate 
more effective supervision, as a common benchmark can make it easier for regula- 
tors and the market to evaluate and assess corporate governance standards in the 
same market. Equal treatment may also be beneficial, as a smaller insurer is still 
susceptible to agency costs and the possibility of business mismanagement, so 
minimum standards should still apply. 

However, a uniform approach to insurers’ corporate governance standards may 
have some disadvantages. First, given the diversity of insurers in the market, a 
uniform requirement applicable to all kinds of insurers may not be the most efficient 
as it invariably must ignore the variety of firm characteristics. For example, some 
insurers may be publicly listed companies with thousands of shareholders and 
prospective investors in the capital market, and others may be wholly owned sub- 
sidiaries of parent insurers or captive insurers for an industrial group. In terms of 
agency costs, higher standards may be more appropriate for the former than the 
latter. However, a uniform approach does not capture the difference in terms of 
ownership structure (or other characteristics). Therefore, there is a possibility that 
regulators impose requirements that are unfit for certain insurers. 

Second, the impact of compliance resources differs depending on the type and 
size of the insurer. Smaller insurers may not be able to compete with larger 
competitors in attracting suitable board member candidates as the costs may be too 
high.’° Hence, a uniform approach may be more advantageous for larger insurers if 
the compliance costs are too high. Over-regulation may increase compliance costs 
and might lead to some insurers setting up businesses in other countries. This could 
damage Singapore’s competitive advantage in terms of being a global insurance hub. 
In contrast, under-regulation may cause ineffective corporate governance. Regula- 
tors need to carefully balance the costs and benefits to make the most optimal 
requirement. 

Singapore, as an international financial centre, faces challenges in implementing 
corporate governance standards to insurers. First, the retail and wholesale markets in 
Singapore are distinct. Some insurers serve local customers, regardless of whether 
they are individuals or businesses. However, many insurers, reinsurers or brokers 
conduct, negotiate and offer risk protection at a wholesale level. The management 
and regulatory compliance of local insurers thus directly affect domestic customers. 
Imposing higher standards on insurers serving retail customers may therefore be 
preferable. 

In contrast, there should be less need to overly regulate insurers in the wholesale 
market. As they do not deal directly with retail customers, there are fewer prudential 


Chen (2019), pp. 358-359. 
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and consumer protection concerns. In the small world of reinsurance, the market 
may be able to deal with specific concerns (e.g. agency problems) without more 
intrusive regulations. A more flexible approach in the wholesale market may also 
help Singapore become an insurance risk trading centre without creating unneces- 
sary regulatory burdens. 

Moreover, some insurers are registered as local companies while others are 
registered abroad. Locally registered insurers may be purely local firms (e.g. MS 
First Capital Insurance) or part of a local financial group (e.g. Great Eastern Life 
Assurance as part of the OCBC Group, or UOB Overseas Insurance as part of the 
UOB group). Others may be local wholly owned subsidiaries of a foreign insurer 
(e.g. Chubb Insurance Singapore or MSIG Insurance (Singapore)). However, some 
foreign insurers prefer to set up branches (Allianz Global Corporate & Speciality SE, 
Singapore Branch, or Aetna Insurance Company Ltd, Singapore Branch) rather than 
create subsidiaries to conduct business in the city-state. 

From the perspective corporate governance, being a local firm or a branch can 
make a huge difference. Regardless of the ultimate owner, a locally registered 
company must follow Singapore’s company law and MAS regulations in terms of 
corporate governance. A locally incorporated company must be governed by a 
separate board, although many insurers (particularly wholly owned subsidiaries of 
foreign insurers) may choose not to make public information about the board and 
senior management. In contrast, if the commercial presence of a foreign insurer is 
through a branch, the insurer remains a foreign-incorporated company and there is 
no need to have a separate board of directors for the Singapore business. In addition, 
the power of the MAS to enforce rules against the board of a foreign company is 
more limited as the MAS in principle cannot exercise its regulatory power in another 
country. Thus, enforcing corporate governance standards on foreign firms with 
branches in Singapore will be more challenging. 

Last, Singapore is also home to many captive insurers. These are insurance 
companies set up by another company or industry group to underwrite the risk of 
the owner or the group. They are typically set up in offshore tax havens, but 
Singapore is one of the largest centres of captive insurers in Asia. Various exemp- 
tions are provided in Singapore law to attract them. For example, captive insurers are 
not subject to the same capital requirements as other direct insurers provided they 
meet the minimum paid-up capital requirement.”© The fund solvency requirement is 
also more relaxed.” The MAS exempts captive insurers from some reporting 
requirements, although this measure reduces transparency in the captive sector. 
Nevertheless, the nature of captive insurers means that there are limitations on 
their ability to underwrite non-in-house risk.’”® 


7°Tnsurance (General Provisions and Exemptions for Captive Insurers) Regulations 2018 reg 3. 
7 Insurance (General Provisions and Exemptions for Captive Insurers) Regulations 2018 reg 4 and 
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Captive insurers typically underwrite risks only from the same industry group, so 
there may be a lower demand for regulatory compliance. If a captive insurer is 
wholly owned by its parent company, there is less concern over agency costs. Thus, 
captive insurers may not need to be subject to the same corporate governance 
requirements as other direct insurers or re-insurers. 

The current state of Singapore’s corporate governance regime can thus be con- 
sidered in light of the challenges faced from the diversity of insurers.’” As discussed 
in Sect. 2.3, this regime is in general a uniform approach consisting of minimum 
requirements. The minimum requirements are largely in line with the common 
requirement for listed companies in the stock market. Hence, the minimum corporate 
governance requirements should not cause too much over-burden on insurers if the 
requirements are also commonly complied with by firms in the capital market. 

However, the MAS also made some adjustments for some degrees of differential 
treatment. The application of corporate governance rules by the MAS differ 
according to the size of the business. A larger insurer (presumably serving more 
customers) is subject to a higher standard, and smaller insurers receive more 
leniency. If a larger insurer is majority owned by another insurer, the threshold for 
board independence is also lowered to one third (rather than half the board).°° In 
addition, insurers that are subsidiaries of other insurers may also be exempt from the 
requirement to have particular committees at the board level. 

A further question is whether Singapore’s approach effectively allays concerns 
from having a uniform approach with some degrees of differential treatment. From 
the agency cost perspective, granting exemptions for insurers that are wholly sub- 
sidiaries should have addressed some concerns discussed above. Most insurers 
registered with the MAS are within the Tier 2 category and thus are subject to 
lower corporate governance requirements. 

However, size may not be a suitable benchmark if viewed from the perspective of 
regulatory compliance. Imposing higher requirements for larger insurers (i.e. Tier 
1 insurers) is understandable, as any lapse in compliance is likely to affect a larger 
number of customers. However, the argument that smaller insurers should enjoy 
lower regulatory compliance is not convincing. After all, any lapse in compliance or 
occurrence of corporate scandals still hurt retail customers and a small insurer’s 
shareholders. 

The MAS regulations currently require a Tier | insurer to ensure that at least half 
the board are independent directors, but the threshold drops to one third for Tier 
2 (i.e. smaller) insurers. The one-third threshold is the same as the minimum 
requirement for other listed companies, as prescribed by the Code of Corporate 
Governance.*! 


™ See above Sect. 2.3. 
80 See Sect. 2.3 above. 
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Thus, the lower threshold of board independence for Tier 2 insurers is arguably 
compatible with the general corporate governance standards for non-financial firms, 
and therefore lowing corporate governance standards for smaller insurers should not 
cause a concern, even if a smaller insurer is a public company that has many 
shareholders under the current corporate governance framework in Singapore. 

However, the general Code of Corporate Governance requires a firm to have at 
least half of the board as independent directors under some circumstances (e.g. when 
the chairman and chief executive are the same person).*? This requirement is also 
stated in the Guidelines on Corporate Governance for Financial Holding Compa- 
nies, Banks, Direct Insurers, Reinsurer and Captive Insurers which are Incorpo- 
rated in Singapore,” but not in the ICGR, which was issued in the same year. The 
guidelines have not been updated in the Code of Corporate Governance for listed 
companies, which was revised in 2018. In addition, the guidelines only apply to 
insurers incorporated in Singapore, and do not apply to branches of a foreign insurer. 
Thus, there may be gaps in terms of board independence requirements. 

In addition, it is not clear why a large insurer that is a subsidiary of a bank or 
another insurer may be exempted from having some board-level committees. Com- 
pliance costs may be saved if the function of the committees (e.g. nomination) is 
accomplished by the parent company’s board of directors. If the insurer is large, 
arguably it should still be subject to the full set of corporate governance require- 
ments, even if it is a wholly owned subsidiary of another bank or insurer, to ensure 
better regulatory compliance for prudential or business conduct reasons. The MAS 
could consider this in future. 


3.3 Effectiveness of Corporate Governance Regimes 
in Regulatory Compliance 


The board of directors is the ultimate decision-maker for major corporate decisions 
and supervises the senior management team, but it also takes responsibility for 
numerous regulatory compliance issues, ranging from prudent regulations and risk 
management to the conduct of business and AML/CFT.™ The effectiveness of 
corporate governance requirements in Singapore in terms of compliance with insur- 
ance regulations should thus be investigated. General issues are raised in this section, 
which may apply not only to the Singapore market, but also to those of other 
countries. 

Current corporate governance regimes in Singapore could be open to some 
general criticism in terms of regulatory compliance. One general question is whether 
board independence regime is sufficient to support and improve the quality of 


®2MAS, Code of Corporate Governance, Provision 2.2. 
83 MAS, Guidelines on Corporate Governance (2013), p. 7. 
84 See Sect. 2.3 above. 
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regulatory compliance by an insurer. The concept of board independence and some 
other commonly seen corporate governance regimes (such as audit and remuneration 
committees) are closely linked to address the agency problem and corporate scandals 
(such as accounting frauds). Having more outsiders on the board may provide more 
diverse views, and an outsider may also be more willing to speak up and less likely to 
collude with the management. Therefore, the regime could improve the monitoring 
of the management and reduce agency costs. 

However, whether corporate governance regimes based on the concept of board 
independence is much less explored. One study of banks in Tunisia also shows that 
board independence plays an important roles in enhancing credit quality of loans.*° 
Another research shows that financial performance of banks were better during the 
financial crisis for financial institutions with more independent directors on audit and 
risk committees.*° Therefore, there are evidence suggesting that having some inde- 
pendent directors on the board should also improve the board’s monitoring function 
and thus help to achieve better regulatory compliance. 

In addition, the ability of the board to monitor and ensure the quality of regulatory 
compliance is also supported by other regulatory requirements. For example, under 
Singapore law, the appointment of a director on the board and some key persons 
(including substantial shareholders, chief executive officer, or actuaries) might 
require prior regulatory approval.*’ In addition, directors and key persons of an 
insurer need to satisfy the ‘fit and proper’ criteria.** In other words, directors 
(no matter they are independent or not) need to possess the quality of ‘honesty, 
integrity, and reputation’, ‘competence and capability’, and ‘financial soundness’.®? 
In particular, the competence and capability requirements, combined with prior 
regulatory approval process, could ensure that the board and top management of 
an insurer should possess sufficient knowledge, experience and expertise to com- 
plete their function of supervising internal control system and ensuring compliance 
with regulations. 

However, there are also counter arguments. First, whether the board can be 
effective in supervising the internal control system and various regulatory compli- 
ance functions partly depends on the information the board (and particularly inde- 
pendent directors) can acquire. Ideally, the board and individual directors should be 
able to acquire the information they need to make a judgment. However, it does not 
necessarily mean that information must be provided to the board without being 
requested. Thus, proper information flow is essential to the success of corporate 


85 Moussa (2019), p. 640. 
86 Yeh et al. (2011), p. 437. 
87 See Sect. 2.3 above. 

88 See Sect. 2.3 above. 


®° Fit and Proper Criteria, para 8. 
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governance regimes.”° For example, directors could actively review and examine the 
role of compliance officer and front-desk supervisors based on their own initiative to 
ensure that salespersons would behave properly when promoting an insurance 
product to a client. Naturally, the board should be able to request information on 
sales practice generally or regarding an individual case to consider whether the 
existing regime is sufficient to meet regulatory requirements. However, when a 
misselling incident occurs, the board is only made aware of the incident when they 
are informed. Hence, there could be an information gap between what the board 
actually knows and what happens in practice. Such gap could undermine the board 
of directors to exercise their function effectively. 

Second, to fully accomplish the regulatory compliance requirements imposed on 
the board, directors (independent or otherwise) must possess sufficient expertise not 
only in terms of insurance-specific issues but also in a broad range of topics such as 
risk management,’! sales practices, anti-money laundering and even IT 
outsourcing.” Hence, knowledge and understanding of financial models is essen- 
tial.” A board also has the responsibility to ensure that senior management have the 
appropriate skills to manage the risks posed by internal models and that the company 
has clear and comprehensive policies regarding the use of such models.” One 
survey in the US conducted a decade ago shows that most directors of public 
companies at the time were doubtful on the company’s ability to monitor a risk 
management plan.’ Thus, there could be real concerns over the board’s ability and 
capacity in supervising the internal control and compliance systems in a specialised 
business like insurance. 

From this perspective, board independence alone cannot address the ability of the 
board to handle a wide range of compliance matters. Independence may mean that 
directors are less likely to collude with management in terms of internal control and 
compliance, but board members with diverse backgrounds can also be beneficial 
(e.g. finance, law, accounting, etc.). One study in South Africa finds that higher 
board independence is actually detrimental to efficiency of life insurers in the 
country.” However, whether the same finding could be replicated in Singapore or 
other countries is subject to further studies. 


°°G20/0ECD Principles of Corporate Governance (2015), http://www.cecd-ilibrary.org/ 
governance/g20-oecd-principles-of-corporate-governance-2015_9789264236882-en (last accessed 
24 July 2020), pp. 5-6. 

°l For example, MAS, Enterprise Risk Management (‘ERM’) for Insurers (Notice 126), para 56. 
*?MAS, Technology Risk Management Guidelines, para 5.1.1. 


?3MAS, Guidelines on Use of Internal Models for Liability and Capital Requirements for Life 
Insurance Products Containing Investment Guarantees with Non-Linear Payouts (ID 01/13), para 
3.1. 

°4MAS, Guidelines on Use of Internal Models for Liability and Capital Requirements for Life 
Insurance Products Containing Investment Guarantees with Non-Linear Payouts (ID 01/13), para 
3.1.2 and 3.1.3, and 3.2 et seq. 

”5 Bamberger (2020), p. 711. 


°© Alhassan and Boakye (2020), p. 217. 
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However, in Singapore the focus of the corporate governance requirement is on 
board independence. While this may satisfy the need to contain agency costs, there is 
no clear effort to ensure that the board has sufficient expertise in terms of regulatory 
compliance. Although directors must be ‘fit and proper’ and have proper compe- 
tence and capacity, it does not necessarily warrant that appointed directors must 
possess sufficient knowledge or experiences review and supervise a wide range of 
regulatory compliance issues especially when specific knowledge (e.g. risk manage- 
ment for investment) is required. 

Moreover, to measure ‘competence and capacity’ of a director or chief executive 
officer, the MAS in Singapore relies on general benchmarks such as ‘past perfor- 
mance or expertise’ or ‘satisfactory educational qualification or experience, relevant 
skills and knowledge’.”” Nevertheless, the looping question is what the necessary 
knowledge and experienced required for a wide range of compliance issues and how 
to keep a balanced composition of the board to strengthen its ability to oversee an 
insurer’s regulatory compliance. In theory, a nomination committee could select 
suitable candidates based on the professional knowledge of the committee members, 
but whether this is always true in practice should be investigated further. 

Third, an over-reliance on independent directors may cause other issues. They 
may become overloaded, thus increasing their legal risk and reducing the possibility 
of hiring good candidates in the future. As Sect. 3.1 shows, insurers that are public 
companies in Singapore appear to have larger boards and more independent direc- 
tors, while those that are wholly owned subsidiaries of another insurance or banking 
group tend to have smaller boards and fewer (often only two or three) independent 
directors. These few independent directors will then carry the full responsibility of 
overseeing regulatory compliance and internal processes, in addition to other cor- 
porate governance functions (e.g. reviewing related party transactions). This likeli- 
hood should be considered further by regulators in the current corporate governance 
requirements. 


4 Conclusion 


Singapore presents a challenge to setting appropriate corporate governance stan- 
dards for insurers. The market consists of multiple layers of direct insurers and 
reinsurers with various ownership structures and business focuses. In this chapter, it 
is argued that Singapore could improve transparency, notably for direct insurers and 
in terms of agency costs and regulatory compliance. The general approach adopted 
in Singapore is a uniform approach with minimum requirements and some different 
treatments. Large insurers are subject to a higher standard while smaller ones enjoy 
lower requirements. Given that the regulatory standards are minimum requirements 
and are compatible with the general corporate governance requirements for 


°T Fit and Proper Criteria, para 14. 
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companies in the stock market, having a lower standard for smaller insurers and large 
insurers that are majority owned by another insurer is acceptable, as agency costs are 
not necessarily increased. However, regulators should also rethink and evaluate the 
reliance on board independence and having a more balanced composition of direc- 
tors to ensure regulatory compliance and internal governance functions in addition to 
existing corporate governance and ‘fit and proper’ requirements. Regulators could 
rather seek to improve board diversity (in terms of expertise), the role of nomination 
committee and selection process of board members, and internal information flow, to 
help the board to make proper decisions regarding compliance of insurance 
regulations. 
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Abstract In this chapter, largely finalised before the presentation of a legisla- 
tive proposal for a European Insurance Recovery and Resolution Directive, on 
September 2021, recovery and resolution frameworks of insurance companies and 
insurance groups are discussed. Currently, the insurance regulatory framework at the 
European level (Solvency II) does not contain a fully developed framework with 
respect to recovery and (orderly) resolution such as the Bank Recovery & Resolution 
Directive and the Single Resolution Mechanism. Recent developments at the inter- 
national level on the initiative of the Financial Stability Board and International 
Association of Insurance Supervisors are discussed. It is the expectation that the 
Solvency II 2020 review will introduce minimum harmonising regulatory standards 
at the European level with respect to the recovery and resolution of insurers. In this 
chapter, the assumption is made that the legislative proposal of the European 
Commission will be based on the technical advice, provided by EIOPA in the 
context of the Solvency II 2020 review. Therefore, this chapter discusses this 
technical advice in some detail. Recovery and resolution frameworks, particularly 
ex-ante planning, requires insurance companies and insurance groups to expand their 
focus from the regular going concern focus to adverse circumstances, including the 
ability to recover and to be resolved in orderly manner. The chapter assesses the 
consequences this change of focus might have on the governance of insurance 
companies and groups. 
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1 Introduction 


The governance of insurance companies and insurance groups is significantly more 
regulated and subject to supervisory scrutiny than the governance of companies 
outside the financial sector. Insurance regulatory frameworks, such as in the 
European Solvency II framework, include extensive requirements with respect to 
the system of governance. In the Solvency II framework these requirements form 
part of Pillar 2, within the 3 Pillar design of the Solvency II framework.' These 
requirements are, to a large extent, based on the assumption that insurance compa- 
nies and insurance groups are operating and continue to operate on a going concern 
basis. Insurance supervision (going concern) has a similar key focus. 

In particular, since the financial crisis of 2008—2009, supervision of the financial 
sector has increasingly focused on more adverse circumstances that financial under- 
takings, including insurance companies, could be faced with, such as a (threatening) 
breach of solvency requirements and the ability of insurance companies to recover 
from such as breach or threatening breach. 

Furthermore, increasing attention is also paid to circumstances in which financial 
institutions, such as banks, central counterparties, as well as insurance companies, 
despite efforts to turn the situation around, are unable to recover by themselves, fail 
and consequently should be either liquidated in bankruptcy or resolved in an 
alternative manner. Although regulation and supervision aim to prevent the failure 
of financial institutions, these mechanisms are not equipped nor designed to prevent 
failures of financial institutions altogether.” Clearly, additional prudence increases 
costs and makes financial products such as insurance products more expensive.” 

In both liquidation and resolution, supervisory authorities, dedicated resolution 
authorities, as well as trustees in bankruptcy, aim to ensure that losses to creditors, in 
particular the clients of financial institutions, such as insurance policyholders and 
beneficiaries, are limited to the minimum. Resolution should provide for an alterna- 
tive to liquidation in bankruptcy, mainly to provide a better outcome than liquidation 
in bankruptcy would provide. 


‘Pillar 1 consists of the quantitative requirements, such as valuation, the calculation of technical 
provisions, investments, capital requirements and own fund requirements, Pillar 2 consists of the 
system of governance, risk management and internal controls, qualitative aspects of the prudent 
person principle, outsourcing and remuneration, the own risk and solvency assessment (ORSA) and 
supervisory review process (SRP) and Pillar 3 consists of regulatory reporting and public disclosure 
requirements. 

? Solvency II (the Solvency Capital Requirement or SCR) is calibrated to 99.5% of the value at risk 
(VaR) over a one-year time horizon, the chance of a failure of 0.5% on that time horizon. Solvency 
IL is therefore not a zero-failure regime. 

3See also van Hulle (2019), pp. 236-237. The author is critical of the fact that some supervisors still 
carry on supervision with the objective or preventing all insurance failures by requiring a solvency 
ratio that is well above 100% of the SCR ratio, which is not necessarily in the interest of 
policyholders and beneficiaries, because it makes insurance more expensive. 
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Resolution regimes intend to provide an additional layer of protection to 
policyholders and beneficiaries, in addition to the protection that is already offered 
by ‘regular’ (primarily ‘going concern’) insurance regulation and supervision. While 
recovery frameworks aim to improve the chances of insurance companies to con- 
tinue operating on a going concern basis, and can be considered part of regular 
supervision, resolution measures aim to reduce losses, once an insurance company 
has failed or is likely to fail. Recovery and resolution requirements are closely 
linked, and are therefore often part of a single regulatory package. 

The development of a recovery and resolution regime can be characterised as the 
addition of a 4th pillar to the Three-Pillar structure, a pillar focused on recovery and 
resolution, including ensuring preparedness for such eventualities through ex-ante 
planning of recovery and resolution measures. The need to further develop crisis 
prevention and resolution mechanisms for insurers, comparable to those that have 
been in place at the European level for several years for banks and certain investment 
firms, became even more apparent last year, against the backdrop of the COVID-19 
pandemic. This global event has made the need for reform of the insurance regula- 
tory framework increasingly clear.* The crisis has led to greater supervisory scrutiny 
of corporate recovery and liquidation plans, with a particular focus on clear decision- 
making processes, early warning indicators, credible management actions to address 
financial difficulties and robust stress scenarios that test the recovery indicators and 
management actions identified by the insurer. 

Both recovery and resolution measures can have a significant impact on the 
governance of insurance companies and insurance groups. This is most clear when 
insurance companies or insurance groups actually fail and management and over- 
sight of the company are taken over by resolution authorities or by a trustee in 
bankruptcy, but measures can also impact the governance of the company at an 
earlier stage, when the company is still solvent and is operating on a going concern 
basis. As part of ex-ante recovery and resolution planning, companies might be 
forced by supervisory authorities or resolution authorities to take decisions that 
impact or even interfere with and be considered sub-optimal to the day-to-day 
management and corporate structure of the insurance company or insurance 
group.’ Some arrangements (such as pooling of critical services in a group) may 
make perfect sense in a going concern situation, but because such services might 
need to be disentangled in a resolution scenario, could provide an additional 
challenge for a resolution authority.° 


4BIOPA, Background document on the opinion on the opinion on the 2020 review of Solvency II - 
Impact assessment, EI|\OPA-BoS-20/751, 17 December 2020. 

>For example, instructions by resolution authorities to remove material impediments that could 
prevent the orderly resolution of the company. 

Clearly, this requires a proportionate approach and balancing between a sustainable and efficient 
operating model in going concern, while limiting potential material impediments to orderly 
resolution. 
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2 State of Play in Insurance 


Currently, the European insurance regulatory framework only provides for limited 
requirements with respect to recovery and does not include requirements for the 
resolution of insurance and reinsurance companies. In other words, in contrast to 
European banks and investment firms, European insurance regulation currently does 
not provide for an equivalent to the European Bank Recovery & Resolution Direc- 
tive (BRRD) and/or the Single Resolution Mechanism (SRM). As part of the 
Solvency II 2020 review, this is expected to change. Together with the formal 
proposal of the European Commission for amendments to the Solvency II frame- 
work, which was published on September 22, 2021, a separate legislative pro- 
posal was published to introduce a recovery and resolution framework for insurers 
and reinsurers, on a minimum harmonisation basis, a proposal for a European 
Insurance Recovery & Resolution Directive, which we will refer to in this chapter 
as the IRRD-proposal. In fact, this is one of the most important material changes in 
the 2020 review of Solvency II.’ 

At the same time, several European countries have already introduced recovery 
and resolution regimes for insurance and reinsurance companies at the Member State 
level. Based on information from an EIOPA survey, conducted in the first quarter of 
2016, three EU Member States (The Netherlands, France and Romania) had recently 
reinforced their national recovery and resolution frameworks. Similarly, the 
European landscape with respect to resolution funding and insurance guarantee 
schemes is based on national laws and consequently diverse. 


3 International and European Context 


At the international level, work on recovery and resolution of insurers and reinsurers 
is being undertaken by both the Financial Stability Board (FSB) and, as referred to 
above, by the International Association of Insurance Supervisors (IAIS). 


TECB, The new EU framework for financial crisis management and resolution, July 2011 and 
EIOPA, Background document on the opinion on the 2020 review of Solvency II — analysis, 
EIOPA-BoS-20/750, 17 December 2020. A legislative proposal for a European Insurance Recovery 
and Resolution Directive was published in September 2022 after the finalisation of this chapter. See 
European Commission, Proposal for a Directive of the European Parliament and of the Council 
establishing a framework for the recovery and resolution of insurance and reinsurance undertakings 
and amending Directives 2002/47/EC, 2004/25/EC, 2009/138/EC, (EU) 2017/1132 and Regula- 
tions (EU) No 1094/2010 and (EU) No 648/2012, COM/2021/582 final. 
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3.1 Financial Stability Board 


In 2011, the FSB adopted the so-called FSB Key Attributes of Effective Resolution 
Regimes for Financial Institutions, which were adopted by the G20 in October 
2011 at their Cannes meeting as the international standard for resolution regimes.® 
The 2011 FSB Key Attributes were supplemented in 2014 with additional guidance 
for specific types of financial institutions, including insurers. Annex II of the updated 
FSB Key Attributes” provides guidance on the implementation of the Key Attributes 
in relation to resolution regimes for insurers. It supplements the Key Attributes by 
indicating how particular KAs, or elements of particular KAs, should be interpreted 
when applied to resolution regimes for insurers. According to the FSB, while the 
general assumption is that traditional insurance activities and even some 
non-traditional insurance activities that are no longer viable will typically be 
resolved through run-off and portfolio transfer procedures, it may not be possible, 
however, to rely on these tools in all circumstances, and particularly in those cases in 
which the business model is complex or there is no corresponding market for 
portfolio transfers.'° The objective of an effective resolution regime is to make the 
resolution of financial institutions feasible without severe systemic disruption and 
without exposing taxpayers to losses, while protecting vital economic functions 
through mechanisms which make it possible for shareholders and unsecured and 
uninsured creditors to absorb losses in a manner that respects the hierarchy of claims 
in liquidation.'' Specifically for insurers, the protection of policyholders and bene- 
ficiaries is identified as an objective of a resolution regime. 


3.2 International Association of Insurance Supervisors 


The International Association of Insurance Supervisors (IAIS) is the international 
standard-setting body responsible for developing and assisting in the implementation 
of supervisory and supporting material for insurance supervision. As part of its 


SIt should be noted that the FSB Key Attributes state that any financial institution that could be 
systemically significant or critical if it fails should be subject to a resolution regime consistent with 
the Key Attributes. Therefore, it does not explicitly set expectations with respect to resolution 
regimes that are more generally applicable. 

°Financial Stability Board, Key Attributes of Effective Resolution Regimes for Financial Institu- 
tions, 15 October 2014, https://www.fsb.org/wp-content/uploads/r_141015.pdf. 

10 Financial Stability Board, Key Attributes of Effective Resolution Regimes for Financial Institu- 
tions, 15 October 2014, https://www.fsb.org/wp-content/uploads/r_141015.pdf, p. 75. However, it 
should be noted that a run-off or a portfolio transfer is likely to be, in many cases, to be an 
appropriate resolution tool (either a solvent or insolvent run-off, or supplemented by other resolu- 
tion tools (such as e.g. the transfer of an insurance portfolio to a bridge institution, restructuring of 
liabilities in resolution and/or suspension of policyholders’ surrender rights). 

1 Financial Stability Board, Key Attributes of Effective Resolution Regimes for Financial Institu- 
tions, 15 October 2014, https://www.fsb.org/wp-content/uploads/r_141015.pdf, preamble, p. 3. 
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mission, it has issued the Insurance Core Principles (ICPs) as a globally accepted 
framework for insurance supervision. The ICPs seek to encourage the maintenance 
of consistently high supervisory standards in IAIS member jurisdictions. The latest 
updated version of the ICPs dates as of November 2019. The document also includes 
the Common Framework for the Supervision of Internationally Active Insurance 
Groups, adopted as per the same date. 

TAIS has developed various principles that relate to both recovery and resolution. In 
particular, Insurance Core Principle (ICP) 12 (Exit from the Market and Resolution), 
ICP 25 (Supervisory Cooperation and Coordination) can be mentioned in relation to 
resolution, as well as the related ComFrame standards and guidance.'? In terms of 
recovery planning, reference can be made to ICP 16 (Enterprise Risk Management for 
Solvency Purposes), ICP 23 (Group Wide Supervisor) and ICP 25, mentioned above, 
as well as the related ComFrame materials for [AIGs. The IAIS has also developed an 
Application Paper on recovery planning"? and is in the process of developing an 
application paper on resolution powers and resolution planning. '* 

ICP 12 covers both the voluntary exit of insurers from the market and the 
resolution of insurers that are no longer viable or are likely to be no longer viable, 
and have no reasonable prospect of returning to viability. Contrary to the IAIS 
Glossary, ‘Resolution’ in the meaning of ICP 12 also includes ‘liquidation.’ We 
will not discuss the content of ICP 12 separately, as the content of ICP 12 is largely 
reflected in the EIOPA Opinion on the 2020 review of Solvency II that will be 
discussed later. Where appropriate, we will refer to the ICPs in that context. 

ICP 16 (Enterprise Risk Management for Solvency Purposes) is also relevant in 
the context of recovery and resolution, given the links between enterprise risk 
management, the ORSA and recovery and resolution planning, and the specific 
reference in 16.15 to recovery planning in a group context. Lastly, ICP 23 (The 
Group-wide Supervisor) and ICP 25 (Supervisory Cooperation and Coordination) 
are also relevant in this context, due to the role of the group-wide supervisor 
particularly in recovery. 

In addition to the relevant Insurance Core Principles, the IAIS has also developed 
an application paper on recovery planning," and is in the process of developing an 
Application Paper on Resolution Powers and Planning.’® 


'2ComFrame is the IAIS Common Framework for Internationally Active Insurance Groups 
(IAIGs), which provides standards and guidance in addition to the ICPs that apply to all insurance 
companies and groups, specifically for IAIGs. The latest version of the ICPs as well as the 
ComFrame material was adopted by the IAIS in its Annual General Meeting in November 2019. 
'STAIS Application Paper on recovery planning, November 18, 2019, https://www.iaisweb.org/ 
page/supervisory-material/application-papers//file/875 1 9/application-paper-on-recovery-planning. 
'STAIS, Draft Application Paper on Resolution Powers and Planning, November 9, 2020, https:// 
www.iaisweb.org/page/consultations/closed-consultations/202 1/application-paper-on-resolution- 
powers-and-planning. 

'STAIS, Application Paper on Recovery Planning, November 18, 2019, https://www.iaisweb.org/ 
page/supervisory-material/application-papers//file/875 1 9/application-paper-on-recovery-planning. 
'CTAIS, Public consultation on draft Application Paper on Resolution Powers and Planning. A 
public consultation on this draft paper was held between November 9, 2020 and February 5, 2021, 
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According to the IAIS Glossary, ‘resolution’ means the following: Actions taken 
by a resolution authority towards an insurer that is no longer viable, or is likely to be 
no longer viable, and has no reasonable prospect of returning to viability.'’ The 
alternative to resolution for a failing insurance entity is typically ‘liquidation’: A 
process to terminate operations and corporate existence of the entity through which 
the remaining assets of the insurer will be distributed to its creditors and shareholders 
according to the liquidation claims hierarchy. Branches can also be put into liqui- 
dation, separately from the insurance legal entity they belong to," 

Furthermore, for completeness sake, it is also useful to mention the definitions of 
“recovery plan’: “A plan developed by an insurer that identifies in advance options to 
restore its financial condition and viability under severe stress’ and ‘resolution plan’: 
‘A plan that identifies in advance options for resolving all or part(s) of an insurer to 
maximise the likelihood of an orderly resolution, the development of which is led by 
the supervisor and/or resolution authority in consultation with the insurer in advance 
of any circumstances warranting resolution.’ 

Lastly, while the IAIS does not provide for a definition of insurance guarantee 
scheme or policyholder protection scheme (PPS), the latter term is referred to in the 
IAIS Insurance Core Principles and discussed in more detail in an IAIS issues 
paper.” A PPS intends to provide a minimum layer of protection to policyholders 
in the event that the safeguards within the supervisory regime are not sufficient, 
i.e. beyond the safeguards that the Solvency II regime provides. 

PPSs are designed to protect policyholders and beneficiaries in the case of the 
insolvency of an insurer, serving as backstops against claims. Whilst PPSs’ objec- 
tives focus on providing a minimum level of protection to policyholders, where the 
design of the PPS includes such functions, they can also contribute to the objectives 
of resolution regimes by: (i) facilitating the continuation of insurance; (ii) providing 
financial support to an insolvent insurer and/or an entity which intends to purchase 
an insolvent insurer or to which insurance policies will be transferred from an 
insolvent insurer; (iii) aiding in portfolio transfers; (iv) working as a bridge institu- 
tion where no immediate purchaser of an insolvent insurer can be found.” There- 
fore, PPSs can play a relevant role in both the resolution and in the liquidation of 
insurers. 

Arguably, the design and in particular the harmonisation of recovery and resolu- 
tion frameworks, resolution funding and insurance guarantee schemes across the 
European Union is even more complex as it is or has been for banks. At the same 


https://www.iaisweb.org/page/consultations/closed-consultations/202 1/application-paper-on-reso 
lution-powers-and-planning. 

"TTATS Glossary. 

‘STATIS Glossary. 


'°TAIS, Issues Paper on policyholder protection schemes, October 2013, https://www.iaisweb.org/ 
page/supervisory-material/issues-papers//file/34547/issues-paper-on-policyholder-protection- 
schemes. 


POTATIS, Issues Paper on policyholder protection schemes, pp. 4-5. 
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time, the urgency and need for harmonisation may be perceived differently for the 
insurance sector than for banks. The dynamics of the failure and/or the resolution of 
an insurer is different from bank failures and resolution and many jurisdictions 
appear to have dealt with insurance failures or near-failures in many cases, even 
without a dedicated recovery and resolution regime. 

It should be mentioned that, while currently only a few Member States have a 
specific recovery and resolution regime for insurers in place, many—if not all— 
Member States have dealt with failures or near-failures of insurance companies. 
Despite the absence of recovery and resolution frameworks, failures or near-failures 
do not appear to have led in all cases to significant detriment to policyholders/ 
beneficiaries and the local insurance markets seem to have been able to absorb such 
failures in practice, with or without the presence of a PPS and/or resolution regime. 
At the same time, insurers’ failures regularly involve insurers that operate on a cross- 
border basis, which creates additional challenges in regular supervision as well as in 
the case of failures of insurance companies and their liquidation or resolution. 

At the international level, work on recovery and resolution of insurers and 
reinsurers is being undertaken by both the Financial Stability Board (FSB) and, as 
referred to above, by the International Association of Insurance Supervisors (IAIS). 


3.3 European Context 


Pursuant to, inter alia, Article 242(2) of the Solvency II Directive, the harmonisation 
of recovery and resolution and insurance guarantee schemes, at the European level, 
forms part of the Solvency II 2020 review. In that context, the European Commis- 
sion has requested EIOPA for technical advice, to be provided to the European 
Commission by 30 June 2020. 

Before this, on 5 July 2017, EIOPA had published an opinion to the institutions of 
the European Union on the harmonisation of recovery and resolution frameworks for 
(re)insurers across the Member States.”! In this opinion, EIOPA argues that a 
minimum degree of harmonisation in the field of recovery and resolution of insurers 
would contribute to achieving policyholder protection, as well as maintaining 
financial stability in the EU. 

EIOPA clarifies that ‘minimum harmonisation’ entails: ‘the definition of a com- 
mon approach to the fundamental elements of recovery and resolution (objectives for 
resolution and resolution powers) which national frameworks should address, while 
leaving room for Member States to adopt additional measures at national level, 
subject to these measures being compatible with the principles and objectives set at 


*1BIOPA Opinion to Institutions of the European Union on Harmonisation of recovery and 
resolution frameworks for (re) insurers across the Member States, EIOPA-BoS/17-148, 5 July 
2017, https://eiopa.europa.eu/Publications/Opinions/EIOPA-BoS-17-148_Opinion_on_recovery. 
and_resolution_for_(re)insurers.pdf. 
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the EU level. These additional measures at the national level might be required in 
order to better address the specificities of the national markets’ .** 

On 30 July 2018, EIOPA published a discussion paper on resolution funding and 
national insurance guarantee schemes. EIOPA positions this discussion paper as a 
follow-up to the EIOPA Opinion on the harmonisation of recovery and resolution 
frameworks for (re)insurers across the Member States that EIOPA published in 
2017. EIOPA considers resolution funding and IGSs as essential elements for the 
resolution of failing insurers. In the discussion paper, EIOPA distinguishes between 
resolution funding and insurance guarantee schemes. With respect to resolution 
funding EIOPA distinguishes between three sources of resolution funding: (i) the 
assets and liabilities of the failing insurers itself, (ii) national resolution funds and 
(iii) national IGSs or other policyholder protection schemes. EIOPA considers the 
primary function of IGSs to compensate policyholders for their losses in the event of 
insurance insolvency. At the same time, EIOPA recognises that some schemes have 
additional functions relating to the resolution framework. Some insurance guarantee 
schemes may also be used to fund resolution actions, such as the transfer of 
insurance policies to a third party or may function as a bridge institution. EIOPA 
has subsequently published a consultation paper on harmonisation of national 
insurance guarantee schemes on 9 July 2019,” in the context of the Solvency II 
2020 review, building on its earlier work in this area,” and has recently dedicated a 
chapter of the EIOPA Opinion on the 2020 review of Solvency II on insurance 
guarantee schemes. In that opinion, EIOPA appears to have departed from the 
viewpoint that the primary function of an insurance guarantee scheme should be 
the compensation of policyholders and beneficiaries for their losses when an insurer 
becomes insolvent, and instead places the continuation of insurance policies on 
equal footing to compensation, given that they both meet the primary purpose to 
protect policyholders.”° 

In addition to the EIOPA work on recovery and resolution and on insurance 
guarantee schemes, EIOPA has published a series of three papers on systemic risk 
and macro-prudential policy in insurance in the period 2017-2018. In its first 


*RIOPA Opinion to Institutions of the European Union on Harmonisation of recovery and 
resolution frameworks for (re) insurers across the Member States, EIOPA-BoS/17-148, 5 July 
2017, p. 4, https://eiopa.europa.eu/Publications/Opinions/EIOPA-BoS-17-148_Opinion_on_recov 
ery_and_resolution_for_(re)insurers.pdf. 


?3RIOPA, Consultation Paper on Proposals for Solvency II 2020 Review Harmonisation of 
National Insurance Guarantee Schemes, EIOPA-BoS-19-259, https://eiopa.europa.eu/Publica 
tions/Consultations/EIOPA-BoS-19-259_Consultation%20paper%20on%20Harmonisation%200f 
%201GSs.pdf. 

*4RIOPA Discussion paper on resolution funding and national insurance guarantee schemes, 
EIOPA-CP-18-003, 9 July 2018, https://eiopa.europa.eu/Publications/Consultations/EIOPA-CP- 
18-003_Discussion_paper_on_resolution_funding%20and.pdf. 


5 RIOPA Opinion, paragraph 13.4. 
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paper, EIOPA aims to identify and analyse the sources of systemic risk in 
insurance from a conceptual point of view, independent of the policy measures 
developed at the international level by the IAIS. The second paper” focuses on 
Solvency II tools with a macroprudential impact. While the Solvency II framework 
is designed to be a microprudential regime for the EU insurance sector, it contains 
elements as well that may have financial stability impact. In particular, reference is 
made in the paper to long-term guarantee measures”? and measures on equity risk. In 
addition, while this is not a specific measure for the insurance sector, the measure 
that allows supervisory authorities to prohibit or restrict certain types of financial 
activities is considered in the paper. While these measures primarily serve their 
intended micro-prudential purpose~”—according to EIOPA—they also contribute to 
limiting pro-cyclicality. Lastly, while not examined further in the paper, the prudent 
person principle, the own risk and solvency assessment and capital add-ons in 
specific circumstances are also mentioned. The third paper’? explores potential 
new instruments and measures that could be included in a macroprudential frame- 
work, grouped in the following blocks: capital and reserving based tools, liquidity- 
based tools, exposure-based tools and pre-emptive planning. In the context of 
recovery and resolution, in particular pre-emptive planning (recovery and resolution 
planning), as well as capital surcharges, *! and temporary freezes of redemption 
rights of policyholders are explored. Based on the work at international level, the 
EIOPA papers on systemic risk and macro-prudential policy, as well as the EIOPA 
Opinion on the 2020 Review of Solvency II, discussed in the subsequent paragraph, 
the European Commission has included several proposals to include macro-pruden- 
tial tools in the formal proposal to amend the Solvency II Directive, which has been 
published on 22 September 2021. 


3.4 EIOPA Opinion on the 2020 Review of Solvency IT 


On 17 December 2020, EIOPA has published its opinion on the 2020 review of 
Solvency II. The Solvency framework, which became applicable in EU Member 
States on | January 2016, provided that certain areas of the framework would need to 


°°RIOPA, Systemic risk and macroprudential policy in insurance, Publications office of the 
European Union, Luxembourg, 2017, also available on the EIOPA website. 


°7BIOPA, Solvency II tools with macroprudential impact, Publications office of the European 
Union, Luxembourg, 2018, also available on the EIOPA website. 


°8RIOPA, Solvency II tools with macroprudential impact, Publications office of the European 
Union, Luxembourg, 2018, also available on the EIOPA website. 


? Ensuring sufficient loss absorbing capacity and reserving. 


3°RIOPA, Other potential macroprudential tools and measures to enhance the current framework, 
Publications office of the European Union, Luxembourg, 2017, also available on the EIOPA 
website. 


31B.g. for systemic risk, such as higher loss-absorbing (HLA) capacity. 
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be reviewed by the European Commission at the latest by 1 January 2021. In that 
context, the European Commission has requested for EIOPA technical advice on the 
Solvency II 2020 review in February 2019 on nineteen main topics, including 
recovery and resolution, insurance guarantee schemes and on macro-prudential 
issues. With respect to these themes, the technical advice also builds on the earlier 
work of EIOPA, described above. The original deadline for the advice was the end of 
June 2020. However, the COVID-19 crisis has led to an extension of the 
response time to a holistic impact assessment that was undertaken by EIOPA in 
the context of the draft technical advice. Furthermore, to allow for an assessment of 
the COVID-19 crisis on the Solvency II review, the deadline for the technical advice 
was extended to the end of 2020. Evidently, the further development of a European 
framework on insurance recovery and resolution will depend on the European 
Commission’s and co-legislators’ willingness to consider the EIOPA advice. It is 
clear from the European Commission’s proposals, published on 22 September 2021, 
that the European Commission, in line with the EIOPA advice, intends to proceed 
with a legislative proposal with respect to minimum harmonisation of insurance 
recovery and resolution. In addition, the European Commission has considered a 
minimum framework for Insurance Guarantee Schemes at the European level, but 
considers this not appropriate at this point in time, given the uncertainties created by 
the COVID-19 pandemic, and the need to focus on economic recovery. According to 
the European Commission, the introduction of such a framework could entail 
important implementation costs for insurers, in particular in member states that do 
not have such a scheme yet. 

The EIOPA Opinion,” as well as the earlier papers of EIOPA on recovery and 
resolution have clearly taken the model that has been developed for the banking 
sector as a starting point: recovery and resolution planning requirements for banking 
and investment firms have evolved since the Bank Recovery and Resolution Direc- 
tive (BRRD) and Single Resolution Mechanism Regulation (SRMR) came into 
effect in 2014. Subsequent guidance, technical standards and opinions issued by 
the European Banking Authority (EBA), European Central Bank (ECB), and 
European Commission have resulted in a mature regulatory landscape for Recovery 
Planning in particular. EIOPA and IAIS have, in recent years, published papers in 
respect of pre-emptive recovery planning, while the European Systemic Risk Board 
(ESRB) and Financial Stability Board (FSB) have also placed emphasis on the 
importance of recovery and resolution planning for insurers. 

Under the BRRD framework, early intervention is described as supervisory 
measures in an early stage to address unsafe and unsound practices or activities 
that could pose risks to banks or to the banking system.** These early supervisory 
actions can range from supervisory measures that encompass moral suasion to more 
corrective sanctions, which are triggered when banks are deemed to be in danger of 


32EIOPA, Opinion on the 2020 review of Solvency II, EIOPA—Bos-20/749, 17 December 2020. 
33 Article 27 of the BRRD. See also Recital 1 and 19 of the BRRD. 
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failing. On one hand, the use of early supervisory measures is part of the supervisory 
review process and is guided by forward-looking assessments, risk and impact 
frameworks and by the work of specialist supervisory teams. On the other hand, 
intervention is also undertaken using, as ultimum remedium, sanctions, often referred 
to as prompt corrective actions, which are needed to minimise the impact that an 
insolvent bank would have on deposit insurance schemes. 

Through such forward-looking assessments, the areas of greatest concern regard- 
ing the bank’s various business lines and risks, its associated strategies and the 
quality of its governance, management and internal controls are identified. The 
supervisory focus is directed to these areas to allow the supervisor to identify and 
address weaknesses at an early stage. Therefore, while appropriate methodologies 
and good sources of information are important, supervisory judgment will almost 
always be needed to interpret the information and assess the financial health of 
a bank. 

Early intervention actions taken, therefore are not exclusively prompted by a 
formal early intervention/recovery framework that prescribes action, but are also 
taken as part of ongoing supervisory monitoring.** 

Due to the sectorial nature of EU legislation, insurance companies do not fall 
under the scope of the BRRD. However, in light of the Solvency II 2020 Review, it 
is necessary to assess if the principles and rationale that informed the introduction of 
recovery and resolution planning for banks and investment firms subject to the 
BRRD also guide the choices and design of the future European recovery and 
resolution regime for insurers. In addition, it is necessary to ask whether the pro- 
visions of the BRRD are fit for the purpose to be used in the insurance regulatory 
framework. 

According to the recitals of the BRRD there are at least two key factors that have 
led to the need to prepare a common set of rules for the recovery phase of a crisis and 
for management of the insolvency of banks: the need to preserve systemically 
important functions of institutions, subject to the BRRD* and the increased cross- 


34 Georgosouli (2013), pp. 209-220: ‘[. . .] judgement is based on hard, observable facts as opposed 
to the degree to which it is based on a view as to what might happen in the future’. In that sense, he 
concludes, ‘judgement-led regulation equals to “forward-looking” regulation’. [...] scope of 
discretion for regulators and presupposes that regulators have the capacity and the willingness to 
use that discretion. Early intervention is arguably another key aspect of judgement-led regulation, 
rely on discretion, focus on outcomes and, at least in principle, secure an increased level of 
flexibility for regulators and regulatees alike’. 


*5 Recital 1 BRRD: The financial crisis has shown that there is a significant lack of adequate tools at 
Union level to deal effectively with unsound or failing credit institutions and investment firms 
(‘institutions’). Such tools are needed, in particular, to prevent insolvency or, when insolvency 
occurs, to minimise negative repercussions by preserving the systemically important functions of 
the institution concerned. During the crisis, those challenges were a major factor that forced 
Member States to save institutions using taxpayers’ money. The objective of a credible recovery 
and resolution framework is to obviate the need for such action to the greatest extent possible. 


Recovery and Resolution of Insurance Companies and Director’s Duties 153 


border operations and interconnectedness of institutions.*° While avoiding the term 
“systemic importance’ it is clear that insurers do provide important societal and 
economic functions and are increasingly active on cross-border basis. However, 
these critical functions consist exclusively of the prudent execution of the insurance 
business and activities, including most prominently the protection of the rights of 
policyholders and beneficiaries, as well as safeguarding the provision of specific 
forms of insurance cover. Other roles, such as the role that insurers play as e.g. 
institutional investor, are of course relevant as well, but should in our view not be 
considered critical functions in the same manner as for instance the responsibilities 
that banks bear for e.g. maintaining payment systems and payment infrastructure. 

The BRRD introduced recovery and resolution planning, as well as specific tools 
and powers to resolution authorities allowing for failing institutions to be resolved 
instead of being liquidated, applying normal insolvency procedures. The preventive 
line undertaken by the BRRD is therefore based on three components: crisis prep- 
aration (with recovery and resolution plans), early intervention and resolution.’ 

In our view, resolution funding cannot be seen as separate from insurance 
guarantee schemes, to the extent the purpose of an insurance guarantee scheme is 
to facilitate a run-off/insurance portfolio transfer as an alternative to liquidation in 
ordinary bankruptcy proceedings. Therefore, the purpose of an insurance guarantee 
scheme does not necessarily have to ensure direct compensation of policyholders/ 
beneficiaries, such as is generally the case with deposit guarantee schemes in a 
banking context. 


4 A European Recovery and Resolution Framework 


In 2017 EIOPA published its opinion on the harmonisation of recovery and resolu- 
tion frameworks for insurers across the European Union and, more recently, in 2019, 
issued a consultation paper on the review of Solvency II in 2020, including recovery 
and resolution planning considerations. In 2018 the IAIS issued a draft application 


3 Recital 3 BRRD: Union financial markets are highly integrated and interconnected with many 
institutions operating extensively beyond national borders. The failure of a cross-border institution 
is likely to affect the stability of financial markets in the different Member States in which it 
operates. The inability of Member States to seize control of a failing institution and resolve it in a 
way that effectively prevents broader systemic damage can undermine Member States’ mutual trust 
and the credibility of the internal market in the field of financial services. The stability of financial 
markets is, therefore, an essential condition for the establishment and functioning of the internal 
market. 


37BBA, Discussion Paper - Application of early intervention measures in the European Union 
according to Articles 27-29 of the BRRD, EBA/DP/2020/02, 26 June 2020, p. 4. See also: FSI, FSI 
Insight - Early intervention regimes for weak banks, April 2018; GOV.UK, Bank Recovery and 
Resolution Directive (BRRD) implementation, 3 November 2016; Basel Committee on Banking 
Supervision, Frameworks for early supervisory intervention, March 2018. 
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paper on Recovery Planning before issuing a final application paper on Recovery 
Planning in November 2019. The EIOPA and IAIS publications provide industry 
with a clear steer on the future expectations relating to recovery and resolution 
planning.*® 

If the EU legislator already in 2009 had noted the need to prepare a stronger 
protection apparatus in the insurance market with a view to the stability and solidity 
of the company with the introduction of a three-pillar system and which is divided 
into capital, risk control and market information, today, also in the light of a 
comparative look with the adjacent banking sector, this system seems to move 
towards the contingency of a fourth pillar such as that of forecasting and planning 
the crisis and insolvency. Prevention is other to the other goals of supervision, which 
include ensuring stability, solidity, and transparency. 

In fact, the introduction of recovery and resolution plans, on the model of what 
has already happened for credit institutions and recipients of the BRRD directive, is 
one of the most important points of attention in the revision of Solvency II.*? 

The rest of this paper will take as an assumption that, following the EIOPA 
technical advice for the Solvency II 2020 review, the European Commission’s 
forthcoming proposal for changes to the Solvency II framework, will include a 
certain level of harmonisation of recovery and resolution frameworks in the 
European Union, based on minimum harmonisation. EIOPA clarifies, as stated in 
its earlier publications, that ‘minimum harmonisation’ entails ‘the definition of a 
common approach to the fundamental elements of recovery and resolution (objec- 
tives for resolution and resolution powers) which national frameworks should 
address, while leaving room for Member States to adopt additional measures at 
the national level, subject to these measures being compatible with the principles and 
objectives set at the EU level. These additional measures at the national level might 
be required to better address the specificities of the national markets’. 

EIOPA observes that while Solvency II has improved insurance supervision, the 
risk of failures and near-failures still exists,” and in the absence of a harmonised 
framework at the EU level, the current landscape is fragmented, with some Member 
States having adopted frameworks at the national level, but the majority of Member 


2 IAIS, JAIS Stakeholder Teleconference on Resolution, 21 April 2020: The International Associ- 
ation of Insurance Supervisors (IAIS) is a voluntary membership organisation of insurance super- 
visors and regulators from more than 200 jurisdictions (p. 2) [...] (p. 4) The planned Application 
Paper on Resolution Powers and Planning will aim to provide guidance on supervisory practises 
related to resolution, which is defined in the IAIS Glossary! as ‘actions taken by a resolution 
authority towards an insurer that is no longer viable, or is likely to be no longer viable, and has no 
reasonable prospect of returning to viability’ (p. 4). [. . .] Resolution can be seen as a final step taken 
by the supervisor and/or resolution authority, after all other preventive or corrective measures have 
proven to be insufficient to preserve or restore an insurer’s viability (p. 7). 


ECB, The new EU framework for financial crisis management and resolution, July 2011 and 
EIOPA, Background document on the opinion on the 2020 review of Solvency II — analysis, 
EIOPA-BoS-20/750, 17 December 2020. 


4 Paragraph 12.40 of the EIOPA Opinion. 
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States have not.*! As mentioned, it has not been the intention of Solvency II to take 
away the risk of failures or near-failures of insurers altogether. 

According to EIOPA, the level of minimum harmonisation it envisages includes a 
framework consisting of four elements: (i) preparation and planning, (ii) early 
intervention, (iii) resolution and (iv) cross-border cooperation. In line with the 
EIOPA advice, these four elements also form key elements in the European Com- 
mission’s IRRD proposal. For completeness’ sake, we will discuss all four elements 
in this chapter: the first three are primarily relevant in terms of the governance of 
insurance undertakings and groups, while cross-border cooperation profile is of 
common significance and inherent to the principles fundamental to the EU internal 
market. Some bankruptcies of large insurers operating under the freedom to provide 
services, after obtaining authorisation in their home member state, have evidenced 
that the single market can only function properly if supervision is coordinated and 
the risk of regulatory arbitrage is mitigated.** The IRRD proposal should be seen as 
an extension and reinforcement of the Solvency II framework, which provides for a 
robust prudential framework for insurers and reinsurers in Europe, reducing the 
likelihood of failures and enhancing the resilience of the insurance and reinsurance 
sector. The IRRD proposal aims to provide authorities with a credible set of 
resolution tools to intervene sufficiently and quickly if insurers are failing or are 
likely to fail to ensure a better outcome for policyholders, while minimising the 
impact on the economy, the financial system, and any recourse to taxpayers’ 
money.** The scope of application of the IRRD proposal (Article 1) is aligned 
with the scope of the Solvency II Directive (insurance and reinsurance undertakings 
established in the European Union and falling within the scope of Article 2 of the 
Solvency II Directive) and additionally includes a group dimension to the recovery 
and resolution framework (Articles 67-71). A novelty envisaged by the IRRD 
proposal is the requirement for member states to establish a resolution authority 
(Article 3). This could either be a dedicated and independent resolution authority or 
be function within a pre-existing authority, including a national central bank or 
supervisory authority. If the latter is the case, adequate structures should be in place 
to avoid conflicts of interests that might arise with the other functions conducted by 
such an authority. In addition, the resolution authority is required to be operationally 
independent, which includes having separate staff, reporting lines, and decision- 
making processes, from any supervisory or other functions of that authority. The 
introduction of this new category of authorities will require amendments to the 
EIOPA (EU) Regulation no. 1094/2010 to also include, where appropriate, refer- 
ences to these authorities (in particular in Articles 83-88). In the final provisions of 
the IRRD proposal (Title VID, amendments are proposed to the Solvency II Direc- 
tive, which underlines the notion that the IRRD should reinforce Solvency II and be 


“112.41. This is obvious, as the Solvency II framework, as any other regulatory framework, has not 
been designed to provide a zero-failure framework. 


“Impact Assessment, p. 11. 
“Explanatory memorandum to the IRRD proposal, p. 1. 
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aligned with the prudential framework for insurers and reinsurers in Europe and 
complement the existing intervention powers of the Solvency II framework. The 
amendments to the Solvency II Directive consist in particular of a clarification of the 
concept of supervisory powers in deteriorating financial conditions (Article 141 of 
the Solvency II Directive) and proposals that suggest amending company law pro- 
visions and other national rules that could pose obstacles in the effective use of the 
resolution tools in the IRRD proposal. 


4.1 Preparatory Measures and Corporate Governance Rules 


Preparatory measures can be distinguished in measures, aimed to facilitate the 
recovery under the responsibility of the insurer to restore its financial position and 
viability in the event the insurer comes under severe stress, and measures that should 
enable the resolution actions of the resolution authority towards an insurer that is no 
longer viable, or is likely to be no longer viable, and has no reasonable prospect of 
returning to viability. The key differences between these two phases are the objec- 
tives (recovery versus resolution) and who is in charge of the process (the insurance 
company and its corporate bodies or the resolution authorities). The IRRD proposal 
provides that at least 80% of the insurance market of member states should be 
subject to recovery planning. Low-risk profile undertakings should be excluded. 
70% of the insurance market should be subject to resolution planning. Again, low- 
risk profile undertakings should be excluded. 


4.1.1 Pre-emptive Measures with Respect to Recovery 


Pre-emptive measures with respect to recovery generally focus on the preparation of 
an ex-ante or pre-emptive recovery plan. According to the IAIS, the objective of 
such a recovery plan is twofold: (a) to aid the insurer in understanding its own risks 
from severe stress scenarios, and (b) to be better prepared to provide an effective 
response. 

The focus of a recovery plan is on situations that pose a serious risk to the 
viability of the insurer or any material part of its business.“ 

Pre-emptive recovery planning is different from a recovery plan, referred to in 
Article 138 of the Solvency II Directive, which insurers are required to develop 
within two months after a breach of the SCR. However, it is expected that 
pre-emptive recovery planning will allow insurers to make better informed and 
timely decisions in times of crisis. Through the process of pre-emptive recovery 
planning, insurers will have already identified and assessed a range of recovery 
measures expected to be available to them in times of crisis, which should make the 


“TAIS, Application Paper on Recovery Planning, November 2019, paragraph 2. 
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development of the recovery plan in accordance with Article 138 of the Solvency H 
Directive more efficient.*° 

The preparation of an ex-ante recovery plan is the responsibility of the insurance 
undertaking and/or the insurance group, subject to supervisory scrutiny. Therefore, it 
is the undertaking itself that assesses, describes and determines how it intends to 
recover from severe stress scenarios without failing and triggering the withdrawal of 
its insurance license (in case of the recovery of a licensed insurance company). In 
terms of governance actions, the supervisory authorities will assess if the scenarios 
and described recovery measures can be considered realistic and are expected to be 
achievable in stress scenarios. As an example, suppose the insurance company relies 
on external reinsurance or access to capital markets in a recovery scenario, are the 
assumptions that the undertaking has access to such facilities in a stress scenario 
realistic, has it already made preparatory arrangements—if needed—to ensure access 
to such facilities? As part of a future recovery framework, it is reasonable to expect 
that supervisory authorities will have the ability to take supervisory action if a 
recovery plan is not realistic and instruct the company to amend the plan. Concep- 
tually, such supervisory action is expected to be largely in line with regular expec- 
tations of the supervised entity. Although views might differ between the 
supervisory authorities and the corporate bodies of the undertaking, the undertaking 
remains in charge of the development of the plan and the objectives of the under- 
taking are aligned, namely, to continue the undertaking as a going-concern enter- 
prise. The IRRD proposal introduces explicit requirements with respect to ex ante 
recovery planning, subject to proportionality. ‘Low-risk profile undertakings’, a 
concept introduced through the Solvency II proposals, can benefit from proportion- 
ate application of Solvency II requirements. The IRRD proposal contains a provision 
that allows for simplified obligations for certain undertakings (Article 4 of the IRRD 
proposal). Simplified obligations will apply in any case to ‘low-risk profile under- 
takings’ in the meaning of the Solvency II proposals, which will take account of the 
nature of these undertakings, and avoid unnecessary administrative burdens (see 
Article 5(3) of the IRRD proposal). National authorities will be obliged to report 
annually to EIOPA on application of Article 4. 


4.1.2 Pre-emptive Resolution Planning 


Pre-emptive resolution planning consists of two elements: the development of 
resolution plans and of resolvability assessments. Resolvability assessments are 
part of the resolution planning process and aim to identify any impediments to the 
resolvability of undertakings.*° A resolution plan is developed by the resolution 


“SEIOPA Analysis, pp. 638-639. 
*°RIOPA Analysis, p. 653. 
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authority, not by the undertaking itself, nor by the supervisory authority.*’ As 
mentioned, a resolution plan is, according to the [AIS Glossary, a plan that identifies 
in advance options for resolving all or part(s) of an insurer to maximise the 
likelihood of an orderly resolution, the development of which is led by the supervisor 
and/or resolution authority in consultation with the insurer in advance of any 
circumstances warranting resolution. Interestingly, the IAIS leaves open the possi- 
bility that a resolution plan is developed by the supervisory authority, rather than a 
resolution authority. In general, we believe it is advisable that the development of a 
resolution plan is dealt with by a separate authority or a department within the 
supervisory authority that is operationally independent from regular supervision. 
The objectives of going concern supervision and gone concern resolution differ, 
which could lead to different choices and potentially conflicts of interests. 

In itself, the development of a resolution plan does not impact the insurance 
undertaking or the insurance group. It is not up to the undertaking ‘to rule over its 
grave’ and to decide how the undertaking will be resolved. However, a resolution 
plan will require close cooperation between the resolution authority and the under- 
taking (and with the supervisory authority), and the impact of the resolution plan 
may be felt by the undertaking in going concern as well, mainly due to the 
resolvability assessment by the resolution authority. Through resolution planning, 
the resolution authority intends to ensure that the undertaking is resolvable in an 
orderly manner. This will involve the identification of potential impediments to 
resolution. In case the resolution authority identifies the presence of material imped- 
iments to resolution, it may have to adapt the resolution strategy or require such 
impediments to be removed by the insurance undertaking ex-ante. This will require 
close cooperation with the supervisory authorities and the undertaking itself and a 
thorough assessment if the ex-ante removal of such impediments is in fact necessary. 
Impediments to resolution (gone concern) might well be efficiencies on a going 
concern basis (e.g. shared services within a group) and the ex-ante intervention by a 
resolution authority may be disproportionate if other solutions are also feasible (such 
as the continuation of such services during resolution).** 

Both the process of ex-ante recovery planning, particularly ex-ante resolution 
planning, can have a significant impact on insurers. Where insurers are generally 
focused on running their operations on a going concern business, both recovery and 
resolution planning are aimed at the situation where this is no longer the case. To be 
prepared for such circumstances may require different choices than if the focus is 
strictly on the going concern circumstances of the operations. 


47 The resolution authority and supervisory authority can be part of the same authority or be entirely 
separate. If combined in the same authority, they are usually operationally independent from the 
supervisory authority, given the different tasks of the resolution authority. 

48 Continuation of essential services might be realised as well by proper internal documentation of 
such services through service-level agreements or other internal outsourcing agreements. Resolu- 
tion authorities are expected to have the power to ensure the continuity of essential services by 
requiring other entities to continue to provide such services (see EIOPA Opinion, paragraph 12.18). 


Recovery and Resolution of Insurance Companies and Director’s Duties 159 


The IRRD proposal provides resolution authorities with powers to require the 
insurer to remove, ex ante, substantive impediments to resolution. However, the 
IRRD proposal currently uses inconsistent terminology (material impediments, 
substantive impediments, impediments) to indicate the impediments may need to 
be removed upon the instruction of the resolution authority. It should be clear that 
these powers only relate to ‘substantive’ impediments, due to the potential intrusive 
nature of this power to the going concern operations of the insurer. Furthermore, we 
believe this power should be limited to the continuity of critical functions. The IRRD 
proposal includes, in addition to the concept of critical functions, references to core 
business lines (Article 9(6) c and the requirement, as part of the resolution plan, to 
demonstrate how core business lines (in addition to critical functions) can be 
separated. We doubt if the reference to core business lines is relevant and suggest 
that this should be removed. Safeguarding core business lines should not be an 
objective of resolution, but only the preservation and continuity of critical functions. 
The inclusion of core business lines might have been inspired by the BRRD 
framework, where the emphasis of resolution is on the preservation of the bank 
and/or the entities in the group. The key concern for resolution authorities in the 
insurance sector should not be the preservation and continuity of the insurer or the 
insurance group, but instead safeguarding the rights of policyholders and beneficia- 
ries, which might well be affected without the preservation of the group or entities in 
the group (e.g. by portfolio transfers and run-offs). 


5 Triggers to Place an Insurer or Reinsurer in Resolution 
and Director’s Duties 


A crucial component of a resolution framework is the trigger for entry into resolu- 
tion. This is the moment on which the insurer transitions from “going concern’ to 
“gone concern’.”° After this point, the insurer no longer forms part of the regular 
commercial economic circumstances. At this point, the resolution authority typically 
takes full control of the insurer. Therefore, this moment is also crucial for the 
corporate bodies of the insurer, as well as for the investors/shareholders. Clearly, 
such a decision should not be taken lightly and therefore the conditions for taking 
such a decision should be as clear as possible. 

According to the FSB Key Attributes, resolution should be initiated when an 
undertaking is no longer viable or likely to be no longer viable and has no reasonable 
prospect of becoming so. The resolution regime should provide for timely and early 
entry into resolution before a firm is balance sheet insolvent and before all equity has 
been fully wiped out. There should be clear standards or suitable indicators of 


“RIOPA, background document on the opinion of the 2020 review of Solvency II, analysis, 
EIOPA-BoS-20/750, 17 December 2020, page 629. 
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non-viability to help guide decisions on whether firms meet the conditions for entry 
into resolution.”” 

The FSB uses the term ‘non-viability’ to identify the transition from going 
concern to gone concern (i.e. from recovery to resolution). This means that all 
possible recovery measures must have been exhausted and failed or ruled out. 

In accordance with the FSB Key Attributes, EIOPA proposes to set—at the EU 
level—triggers for entry into resolution as follows: 


a. The undertaking is no longer viable or likely to be no longer viable and has no 
reasonable prospect of becoming so. 

b. Possible recovery measures have been exhausted—either tried and failed or ruled 
out as implausible to return the undertaking to viability—or cannot be 
implemented in a timely manner. 

c. A resolution action is necessary in the public interest.” 


According to EIOPA, the triggers should be judgment-based and allow for 
sufficient discretion to assess the situation and decide on the need for resolution 

a we 
actions. 

According to EIOPA, an undertaking could be considered to be no longer viable 
or likely to be no longer viable based on the following, non-exhaustive set of criteria: 


— The undertaking is in breach or likely to be in breach of the MCR and there is no 
reasonable prospect of compliance being restored. 

— The undertaking is in breach or likely to be in breach of other prudential 
requirements (e.g. requirements on assets backing technical provisions), there is 
no reasonable prospect of compliance being restored and such non-compliance 
will likely lead to balance sheet or cash flow insolvency. 

— There is a strong likelihood that policyholders and/or creditors will not receive 
payments as they fall due.°** 


It is our impression that the first, and part of the second condition, are likely to be 
the most relevant conditions to determine the (expected) non-viability of licensed 
insurance and reinsurance entities.°* Furthermore, there appears to be some overlap 


S°RSB Key Attributes of Effective Resolution Regimes for Financial Institutions, 15 October 2014, 
paragraph 3.1. 


5! BIOPA Opinion, paragraph 12.3.3. 
>? BIOPA Opinion, paragraph 12.31. 


SSEIOPA, background document on the opinion of the 2020 review of Solvency I, analysis, 
EIOPA-BoS-20/750, 17 December 2020, page 670. 


54The FSB makes a distinction between ‘insurer’, which refers to an insurance company or a 
holding company and an ‘insurance company’, which means any legal entity (including its 
branches) that assumes insurance risks in exchange for a premium payment and is licensed under 
a jurisdiction’s legal framework as an insurance company for any type of insurance product (for 
example, reinsurance, life insurance, non-life insurance, etc.): FSB, Key Attributes Assessment 
Methodology for the Insurance Sector Methodology for Assessing the Implementation of the Key 
Attributes of Effective Resolution Regimes for Financial Institutions in the Insurance Sector, 
25 August 2020, page 5. 
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between cash-flow insolvency in the second condition and the likelihood that 
policyholders will not receive payments as they fall due in the third condition. 
Lastly, we believe the balance sheet is mainly relevant to determine if other entities 
(non-insurance companies, such as holding companies or service companies) in a 
group have failed or are likely to fail. In our view, it would be more appropriate to 
split the second condition into two separate conditions and combine one part with the 
first condition. The third condition could be limited to creditors in general”? as this 
condition is likely to be relevant to for the resolution of non-insurance entities 
(e.g. holding companies, service-companies) in the context of the resolution of an 
insurance or reinsurance entity. 


— The undertaking is in breach or likely to be in breach of the MCR, and/or in 
breach or likely to be in breach of other prudential requirements 
(e.g. requirements on assets backing technical provisions), there is no reasonable 
prospect of compliance being restored in such a manner that there are objective 
indications that this would justify a withdrawal of the insurance or reinsurance 
license in the near future. 

— The liabilities of the undertaking exceed the assets of the undertaking or there are 
objective indications that the liabilities will exceed the assets of the undertaking 
in the near future that this will lead to balance-sheet insolvency. 

— There are objective indications that creditors will not receive payments as they 
fall due. 


When reworded in this manner, the first condition is focused on the non-viability 
of licensed insurance and reinsurance entities (and linked to the intervention ladder 
of Solvency II)*° and the second and third condition are focused on the non-viability 
of other entities in an insurance group in the context of the resolution of an insurance 
or reinsurance entity (balance-sheet insolvency?” and cash-flow insolvency”), 
which appear to be less relevant to determine the non-viability of a licensed 
insurance entity. The IRRD-proposal offers, with slightly different wording, the 
same criteria as EIOPA suggests. 

Furthermore, as indicated, EIOPA advises to introduce ‘judgment-based’ triggers 
for the entry into resolution, as opposed to ‘rules-based’ triggers. We doubt if the 
distinction between judgment-based and rules-based triggers is useful as it could 
unnecessarily create uncertainty with respect to moment at which resolution can be 
triggered. The criterion ‘failure or likely to fail’ already inherently provides for a 
judgment-based trigger that requires supervisory discretion and is not necessarily an 
automatic, mechanic trigger.°” 


55 Although not excluding policyholders/beneficiaries. 


°°Whereby in particular an irreparable breach of the MCR will lead to the withdrawal of an 
insurance license. 


5 dss 
7 Second condition. 
58m: W 

8 Third condition. 


*°BIOPA suggests that rules-based triggers are inflexible. As explained, we doubt if this is truly 
the case. 


162 M. Siri and A. Van den Hurk 


It is our impression that the European Commission does not follow EIOPA’s 
advice for “‘judgement-based triggers’. Resolution actions, in accordance with the 
IRRD proposal, can be taken only when cumulatively a number of conditions have 
been met (Article 19 IRRD proposal). These conditions each allow for discretion, 
which means that these triggers are, to a certain level, still ‘judgement-based’, but 
not to the extent as proposed by EIOPA. 

A related issue is that EIOPA suggests to define triggers for resolution in such a 
way that they allow for resolution before an undertaking is balance sheet or cash- 
flow insolvent and before all equity has been wiped out.® As explained before, we 
believe the criterion related to balance-sheet insolvency is relevant in particular for 
the possibility of including other—non-insurance—entities in the resolution of an 
insurance entity and we do not see a justification for triggering the resolution of such 
entities before the resolution of an insurance or reinsurance entity is triggered. In the 
context of the resolution of a licensed insurance entity the criterion ‘before all equity 
has been wiped out’ does not have much added value. The relevant intervention level 
should be related to the coverage of the MCR and the impossibility of the insurance 
company itself to avoid an irreparable breach of the MCR. 

Furthermore, EIOPA suggests that the resolution authority should have the 
authority to withdraw the license of the insurer.°’ We doubt if this authority should 
indeed be granted to the resolution authority, or instead should be left with the 
supervisory authority that has granted the license and might be best positioned to 
withdraw the license as well, obviously in close consultation with the resolution 
authority. The EIOPA Opinion is silent on the withdrawal of the insurance license, if 
the insurer would enter into ordinary bankruptcy proceedings. 


5.1 Triggers for the Entry Into Recovery and Preventive 
Measures 


EIOPA advises maintaining the current triggers for the entry into recovery that are 
currently already included in the Solvency II Directive.® Apart from informing the 
supervisory authorities, the entry into recovery implies the preparation and 


60 Paragraph 12.176 Background Document. In the same sense: IAIS, draft Application Paper on 
Resolution Powers and Planning, 9 November 2020, paragraph 24: ‘The resolution regime should 
have a forward-looking trigger that would provide for entry into resolution before an insurer is 
balance sheet insolvent or is unable to pay its obligations as they come due.’ It should be noted that 
‘insurer’, in the IAIS terminology, means ‘insurance legal entity or insurance group’ (IAIS 
Glossary, November 2019, page 6) and is therefore intended to have a broader scope than only 
licensed insurance entities. 

6l Paragraph 12.18 of the EIOPA Opinion. 

Non-compliance with the SCR or a risk of non-compliance in the following three months. It 
should be noted that EIOPA, in the EIOPA Opinion, only refers to non-compliance with the SCR, 
but we assume that this is meant to include a risk of non-compliance in the subsequent three months 
as well, as currently worded in the Solvency II Directive. 


Recovery and Resolution of Insurance Companies and Director’s Duties 163 


submission, within two months, of a realistic recovery plan to the supervisory 
authorities. This recovery plan should lead to the re-establishment of a sufficient 
level of own funds to cover the SCR. In addition, supervisory authorities have the 
power to prohibit the free disposal of assets located within their territory when 
recovery is triggered.°* 


5.2 Preventive Measures 


In addition, notwithstanding the obligation to submit a recovery plan, where the 
solvency position of the undertaking continues to deteriorate, supervisory authorities 
have the power to take all measures necessary to safeguard the interests of 
policyholders in the case of insurance contracts or the obligations arising out of 
reinsurance contracts. These measures should be proportionate.°* These preventive 
measures are already included in the current Solvency II framework.°° However, 
EIOPA proposes to articulate such measures more explicitly under the heading 
“preventive measures’ and to introduce appropriate ‘triggers’ at the EU level for 
the use of preventive measures.°° Currently, EIOPA observes divergent approaches 
by national competent authorities which it considers not be in line with the principle 
of supervisory convergence and raises concerns about the level playing field in 
insurance.” 

EIOPA suggests to introduce the following set of measures used in Solvency H: 
(a) Require more intensive dialogue with the undertakings, scheduling regular 
meetings with the company’s management in order to better understand the strategy 
of the company, recent technical and financial results, recent changes in insurance 
products and investment and their impact on the solvency position as well as to have 
up to date information on measures taken or measures to be taken by the company in 
order to improve the SCR coverage ratio (e.g. conservative dividend policy, increase 
of own funds, de-risking), including any recent dialogue between the undertakings 
and its qualifying shareholders/owners on the possibility of capital support; 
(b) Require additional or more frequent reporting; (c) Require the administrative, 
management, or supervisory body of the undertaking to take preventive measures 
within a specific timeframe in case of concrete risk of progressive and structural 
deterioration of its capital position that may put the undertaking under stress and the 
undertaking’s inaction leads to an increased risk to policyholders. This could also 
include a requirement to update the pre-emptive recovery plan when assumptions set 


® Article 140 Solvency II Directive. 
“4 Article 141 Solvency II Directive. 


65 Article 141 of the Solvency II Directive. ICP 10.2 also refers to preventive measures if the insurer 
seems likely to operate in a manner that is inconsistent with regulatory requirements. 


SSEIOPA Opinion, paragraph 12.25. 
6TEIOPA Analysis, p. 649. 
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out in the initial plan do not appear realistic, and to take the measures set out in the 
updated plan; (d) Require the undertaking to limit variable remuneration and 
bonuses.” 

EIOPA suggests that, similar to the resolution triggers, triggers for the application 
of preventive measures should be ‘judgment-based’ and allow for sufficient super- 
visory discretion, contain relevant qualitative and quantitative factors, but should not 
result in a new pre-defined intervention level.’ According to EIOPA, relevant 
factors that would need to be taken into consideration by NSAs in their assessment 
for intervening preventively include, for instance: (1) Solvency ratio and historical 
volatility of the SCR ratio; (2) Trends in the financial statement figures; (3) Business 
plan, including information about the products, risk mitigation techniques, invest- 
ment plan and dividend policy; (4) The possibility and likelihood for the undertaking 
to raise additional capital; (5) ORSA, particularly, the three year projection of the 
SCR and MCR coverage ratios, the change in risk appetite and risk tolerance and the 
change in the investment strategy—business plan; (6) Financial plans and strategy of 
the company, including recent changes in them that could cause risk of 
non-compliance with capital requirements; (7) Impact of the sensitivity analysis on 
the SCR trigger and MCR trigger; (8) Conclusions from inspections and meetings 
with the Administrative, Management or Supervisory Body (AMSB); (9) Other 
issues or aspects (market triggers), such as interest rate volatility and the widening 
of the credit spread.”° 

It is clear from the wording used by EIOPA”! and the factors mentioned that it 
envisages a high level of discretion and flexibility for supervisory authorities for the 
application of preventive measures. The question can be raised if these factors truly 
result in the EU-level triggers. We doubt if such a degree of flexibility will effec- 
tively prevent the observed divergence of national approaches. ’* 

As mentioned, the IAIS refers to preventive measures if the insurer seems likely 
to operate in a manner that is inconsistent with regulatory requirements. The way 
EIOPA articulates preventive measures seems to allow for a broader application of 
preventive measures. 

Furthermore, a preliminary question may be raised as well: The use of preventive 
measures is presented by EIOPA as a supervisory tool of national competent 
authorities in deteriorating financial conditions. This means the supervisory power, 
in deteriorating financial conditions, to take all measures necessary to safeguard the 


SSEIOPA Opinion, paragraph 12.8. 

EIOPA Opinion, paragraphs 12.26 and 12.27. EIOPA refers to ‘soft triggers’, allowing for a 
sufficient degree of supervisory judgment and discretion according to different products and 
national market specificities, EIOPA, background document on the opinion of the 2020 review of 
Solvency II, analysis, EIOPA-BoS-20/750, 17 December 2020, page 667. 

TRIOPA, background document on the opinion of the 2020 review of Solvency I, analysis, 
EIOPA-BoS-20/750, 17 December 2020, page 667. 

71E.g. ‘judgment-based’, ‘soft triggers’, ‘supervisory judgment and discretion’, ‘for instance.’ 


7 EJOPA, background document on the opinion of the 2020 review of Solvency II, analysis, 
EIOPA-BoS-20/750, 17 December 2020, paragraph 12.156. 
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interests of policyholders, notwithstanding the power of supervisory authorities to 
require a short-term financing plan or recovery plan.” In accordance with Article 
136 of the Solvency II Directive, undertakings should have procedures in place to 
identify deteriorating financial conditions and notify the supervisory authorities 
when such deterioration occurs.’* This provision appears to assume the primary 
responsibility of the undertaking and its corporate bodies to determine when dete- 
riorating financial conditions occur, not of the supervisory authority.” These pro- 
cedures are obviously subject to supervision by the national competent authorities. 

The question is how the proposal of EIOPA to introduce adequate triggers at the 
EU level for the use of preventive measures relates to the own responsibility of 
insurers (and their governance arrangements) to have procedures in place to identify 
deteriorating financial conditions? Are the factors mentioned by EIOPA intended to 
be factors to be considered for the procedures to be maintained by undertakings (and 
therefore subject to ex-ante supervision) or is it the intention of EIOPA that super- 
visory authorities have the discretion to intervene in deteriorating financial condi- 
tions if they come to the conclusion that the undertaking is facing deteriorating 
financial conditions, independent from the internal procedures of the undertaking 
pursuant to Article 136 of the Solvency II Directive? We believe the use of 
preventive measures by supervisory authorities should be linked to the internal 
procedures of the undertaking to identify deteriorating financial conditions, subject 
to ex-ante supervisory oversight. This contributes to the predictability of the use of 
supervisory measures (i.e. when the undertaking has identified such deteriorating 
financial conditions) and leaves the primary responsibility of the undertaking in 
deteriorating financial conditions, when the undertaking is still operating on a going 
concern basis, with the undertaking. 

It should be borne in mind that it is likely that, when deteriorating financial 
conditions are observed and notified to the supervisory authorities, it is likely that the 
insurance company is also taking action or will soon take action by means of the 
preparation and execution of a recovery plan or short-term financing plan. It should 
be avoided that measures taken by supervisory authorities in deteriorating financial 
conditions interfere with the execution of the recovery plan. 


6 Resolution Objectives 


EIOPA proposes that Solvency II should clearly set out the objectives for resolution, 
without an ex-ante predefined ranking.’° This proposal is also included in the IRRD- 
proposal, in article 18. These objectives are the following: (a) To protect 


73 Article 141 of the Solvency II Directive. 
74 Article 136 of the Solvency II Directive. 


™ Or potentially in exceptional circumstances, where the undertaking fails to observe and/or notify 
such conditions to the supervisory authority. 


7°RIOPA Opinion, paragraph 12.11. 


166 M. Siri and A. Van den Hurk 


policyholders, beneficiaries and claimants; (b) To maintain financial stability, in 
particular, by preventing contagion and by maintaining market discipline; (c) To 
ensure the continuity of functions of undertakings whose disruption could harm the 
financial stability and/or real economy; (d) To protect public funds. 

The question may be raised, what is meant by EIOPA with the notion ‘without an 
ex-ante predefined ranking’. We consider resolution to be an alternative to liquida- 
tion” that should be considered and applied when the objectives mentioned above 
cannot be achieved in a similar way in ordinary bankruptcy proceedings. This is also 
the intention of the IRRD proposal. However, in the IRRD proposal the choice 
between resolution and bankruptcy proceedings is placed in the context of the public 
interest test. In our view, these objectives should always include the protection of 
policyholders, beneficiaries, and claimants, possibly together with one of the other 
objectives.” However, it should be recalled that the critical functions that insurers 
fulfill consist (only) of the prudent exercise of their insurance business, which 
suggests that objective (a) and (c) overlap to a large extent and the added value of 
objective (b) is limited. Financial stability is only at stake when policyholder rights 
are threatened (a), which likely coincides with a critical function (c). Therefore, as 
well as in accordance with Recital 16 of the Solvency II Directive,” the emphasis 
should always be on policyholder protection and/or the protection of specific types 
of insurance cover, which implies in our view a predefined ranking with respect to 
this objective. 


7 Bail-in Tool in Insurance 


Probably the most intrusive and painful resolution powers, as suggested by EIOPA, 
is the power to restructure, limit or write down liabilities, including (re)insurance 
liabilities and allocate losses to shareholders, creditors and policyholders. 

According to EIOPA, the exercise of the resolution powers should be subject to 
adequate safeguards: 


77E.g. an alternative to ordinary bankruptcy proceedings. According to the IAIS is liquidation a 
process to terminate operations and corporate existence of the entity through which the remaining 
assets of the insurer will be distributed to its creditors and shareholders according to the liquidation 
claims hierarchy. 

78See for example also Article 3A:85 of the Dutch Financial Supervision Act that adopts this 
ranking of objectives. 

Recital 16 reads as follows: ‘The main objective of insurance and reinsurance regulation and 
supervision is the adequate protection of policy holders and beneficiaries. The term beneficiary is 
intended to cover any natural or legal person who is entitled to a right under an insurance contract. 
Financial stability and fair and stable markets are other objectives of insurance and reinsurance 
regulation and supervision which should also be taken into account but should not undermine the 
main objective.’ (italics added). 
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i. The hierarchy of claims should be respected, while providing the flexibility to 
depart from the general principle of equal (pari passu) treatment of creditors of 
the same class. 

ii. Creditors, including policyholders, should not incur a loss greater than they 
would have incurred in a winding-up under normal insolvency proceedings (the 
‘no creditor worse off than in liquidation’ (NCWOL) principle).*° 


Furthermore, when allocating losses to policyholders, resolution authorities 
should consider the following safeguards: 


a) The allocation of losses to policyholders should only take place as a last resort 
option, i.e. all other feasible measures and options that could have averted 
(further) losses for policyholders have been exhausted or have been deemed 
unlikely to be successful. 

b) The exercise of the power is deemed necessary for other powers to be effective 
(for instance, to enable a portfolio transfer) and, hence, to limit the losses for 
policyholders. 

c) Policyholders who are covered by IGSs or other mechanisms should be com- 
pensated to the extent possible.*! 


It is clear that the allocation of losses to policyholders and beneficiaries should 
only take place as a last resort measure when all other measures have failed. 
However, in case of insurance failures, it might be unavoidable to resort to this 
tool to effect resolution tools such as a portfolio or share transfer to another insurer or 
to effectuate a run-off. A bail-in of policyholders might be more beneficial to 
policyholders than a liquidation in bankruptcy proceedings, in which losses to 
policyholders might be worse. An important safeguard for policyholders in this 
respect is the respect of the NCWOL-principle, as referred to above. To determine 
if the NCWOL-principle is respected is complex, as it will require a reliable 
calculation of the entitlements of policyholders and beneficiaries in liquidation. 
This will determine the level of the possible bail-in of policyholders and 
beneficiaries. 

The EIOPA Opinion does not cover the valuation of insurance liabilities in 
insolvency. We believe it is essential that this point is also addressed in the EU 
framework, as it is crucial to determine if the insurer fails or is likely to fails, the 
extent to which bail-in can be applied to insurance liabilities and the need to 
additionally rely on resolution funding and/or entitlements may exist on an insurance 
guarantee scheme, if such a scheme is available in Member States. Lessons could 
potentially be learned from existing resolution frameworks, such as has been devel- 
oped in the Netherlands, where valuation principles have been developed in the 


S°RIOPA Opinion, paragraph 12.20. 


81 EIOPA, Background Document on the Opinion on the 2020 review of Solvency II, box 12.5 on 
p. 663, EIOPA-BoS-20/750, 17 December 2020. 
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Dutch Act and lower legislation,** as well as good practices have been developed by 
the insurance industry.*° Furthermore, in the Dutch resolution framework, a mech- 
anism has been developed whereby a provisional insolvency valuation is being 
undertaken at or close to the moment the insurance entity fails or is likely to fail, 
followed by a final valuation when the resolution process or liquidation is finalised. 
The provisional valuation serves as the basis for the potential for bail-in and to 
determine if provisional payments to policyholders can continue to be made during 
the resolution process. These provisions are supported by a backstop-facility in the 
form of resolution funding on an ex-post basis by the insurance industry that 
provides a safeguard against breaches of the NCOWL-principle. The IRRD-proposal 
seems to be largely in line with the Dutch framework, in terms of valuation (chapter 
VID, with nuanced differences. According to the IRRD-proposal, a first valuation is 
done before the insurer is placed in resolution. This valuation serves to determine if 
the conditions for resolution (failing or likely to fail) have been met. A second 
valuation takes place after the the insurer is placed in resolution. This (provisional) 
valuation forms the basis for the resolution action to be taken, which includes the 
extent to which the bail-in tool can be applied, while respecting the NCWOL- 
principle. These provisional valuations are followed by a ‘definitive valuation’ 
(article 24(5)), which will still be based on estimates of the treatment of creditors 
in ordinary bankruptcy proceedings and which does not prejudice the final valuation, 
referred to in article 54, which takes place at the end of the resolution process. A 
safeguard for shareholders and creditors in case of a breach of the NCWOL-principle 
is included in article 55. However, it is not specified in the IRRD-proposal to whom 
creditors and shareholders have such entitlement. 


8 Concluding Remarks 


Based on the current regulatory framework above described, which does not fully 
consider the IRRD-proposal in all respects, multiples challenges might occur from 
the expectation that insurance companies and groups should ensure they are recov- 
erable and resolvable in the context of directors’ duties, which have a focus on 
running the company on a going concern basis. 

While in ordinary times the directors must always consider and balance the 
interests of shareholders and policyholders, on the contrary, in deteriorating financial 
conditions, one could say that the balance shifts more towards the protection of 
policyholders, but that is already more or less inherent to the subordinate position of 


82 Article 3A:89-3A:91 of the Dutch Financial Supervision Act, Decree Valuation Insurance 
Liabilities in bankruptcy, 10 July 2019. 

®3Dutch Association of Insurers, Good practice calculation bankruptcy value https://www. 
verzekeraars.nl/media/7925/good-practice-berekenen-faillissementswaarde. pdf. 
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shareholders/privileged position of policyholders (shareholders bear losses first, 
policyholders last). 

In the context of recovery and resolution, it is appropriate to ask whether the 
‘regular’ director duty of care is suitable to inform decisions by that are needed in 
adverse financial circumstances as well as to inform preparatory decisions such as 
with respect to ex-ante recovery planning and ex-ante removal of impediments to 
resolution. An interesting point is how to judge the preparation for resolution 
(ex-ante removal of impediments to resolution). This might happen when the 
company is still running on a going concern basis and the decisions that need to 
be taken do not necessarily make sense from a going concern perspective: making an 
insurance company resolvable might make it less efficient than when you would 
only consider the going concern. 
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Restructuring, Winding-Up & Portfolio A 
Transfer of Insurance Companies TAN 
in Distress 


Kyriaki Noussia, Peter Underwood, and Stergios Frastanlis 


Abstract Insurance companies often need to go through restructuring for various 
reasons. Such restructuring can happen in company law through the mechanism of 
M&A, or under EU legislation via portfolio transfer (see e.g. Article 14 of Directive 
2002/83/EC and Article 12 of Directive 92/49/EEC in the field of non-life insur- 
ance). This chapter discusses reorganising, restructuring and winding-up of insur- 
ance companies, as well as insurance portfolio transfers by means of company law 
mechanisms (M&A) and under the Cross-Border Mergers Directive, as well as under 
the Solvency II Directive. It then goes on to discuss the position under Greek law, 
and uses as a case study the winding-up of Aspis Pronia in 2009 and the transfer of 
the insurance undertakings’ portfolios. The analysis will allow us to identify that the 
level of insurance portfolio transfers harmonisation in the EU is not as high as 
expected, and that a common framework and harmonisation is needed. 


1 Introduction 


Due to extenuating facts, insurance companies are often forced to change their 
activity, abandon product lines, restructure a group’s business or simply exit the 
insurance market completely. Such occurrences may affect the situation and protec- 
tion of the policyholder. The implementation of the Third Generation Insurance 
Directive aimed to not only deregulate the EU insurance markets, but to also enhance 
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market efficiency and consumer choice. When an exit of an insurance company is 
forced, any such market exit may take place either through voluntary or involuntary 
withdrawals (run-off) or insolvency or via M&As. The transfer of all or part of an 
insurance undertaking’s portfolios is governed by Article 14 of Directive 2002/83/ 
EC in the field of life insurance and by Article 12 of Directive 92/49/EEC in the field 
of non-life insurance. According to these articles, each Member State is obliged 
under the conditions laid down by national law, to authorise insurance undertaking 
with head offices within its territory to transfer all or part of their portfolios of 
contracts, concluded under either the right of establishment or the freedom to 
provide services, to an accepting office established within the Community. Any 
such transfer is subject to certification by the competent authorities of the home 
Member State of the accepting office that the latter possesses the necessary solvency 
margin. Whenever a transfer of portfolio is authorised under the law, the transfer 
becomes immediately effective for policyholders and beneficiaries, and as a result of 
portfolio transfer one or more lines of business from one insurance company are 
transferred to another to allow additional capital to be released and transferred. 
Furthermore, portfolio transfers act as an effective tool for managing discontinued 
business. The same applies as per Directive 2009/138/EC (recast) Solvency II, Art. 
39. The Solvency II Directive introduced EU-wide prudential rules and created, for 
the first time, a fully harmonised regime for the prudential regulation of insurance 
and reinsurance businesses in Europe, with the aim of encouraging the development 
of a properly integrated insurance market. It aimed at introducing in all Member 
States a modern, economic and risk-based regime of prudential supervision for 
insurance and reinsurance undertakings and for groups. Notwithstanding the Sol- 
vency II regime, insurance portfolio transfers are often made by means of company 
law mechanisms (e.g. via the merger and acquisition of the company). 

This chapter discusses reorganising, restructuring and winding-up of insurance 
companies, as well as insurance portfolio transfers by means of company law 
mechanisms (M&A) and under the Cross-Border Mergers Directive, as well as 
under the Solvency II Directive. It then goes on to discuss the position under 
Greek law and uses as a case study the winding-up of Aspis Pronoia in 2009, and 
the transfer of the insurance undertakings’ portfolios. The analysis will allow us to 
identify that the level of insurance portfolio transfers harmonisation in the EU is not 
as high as expected, and that a common framework and harmonisation is needed. 


2 Restructuring of Insurance Companies Under 
Company Law 


This section will review the tools available to insurance companies under company 
law provisions whilst in distress. It will proceed as follows; first it will evaluate 
mergers and acquisitions, including the consideration of asset sales, contractual 
offers, and schemes of arrangements. It will then evaluate the role of cross-border 
mergers, considering how the directive operates and how this has been implemented 
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into the United Kingdom’s jurisdiction. It will then consider the role of Brexit briefly 
and discuss the likely effects of Brexit on cross-border mergers. Then it will move to 
assess other options such as liquidation and administration which could be applica- 
ble for insurance companies in distress. It will then consider some of the wider 
concepts within company law, such as the duties directors must adhere too when 
undertaking reorganisation and restructuring. ' 


2.1 Mergers and Acquisitions & Schemes of Arrangement 


There are three principal ways of restricting companies within the domestic market, 
and in addition to these domestic options there is also the cross-border merger. This 
section will consider the three domestic methods of domestic structure, and the 
subsequent section will evaluate the cross-border merger provisions following the 
implementation of an EU directive. 


2.1.1 The Contractual Basis for Reorganisation 


The first deal structure available to insurance companies is the asset sale, this is 
where all or part of an undertaking’s assets are purchased. This occurs where one 
company purchases the assets from another and upon the sale, title will be transferred 
to the acquirer. This transfer is no different than the sale of a company’s products to 
its consumers, it can, however, be substantially more complex given the volume of 
assets. The sale of each asset will be required to adhere to the relevant formality 
requirement provisions to execute that sale. In the context of land, rights in rem may 
need to be considered and the relevant formalities complied with in accordance with 
the Land Registration Act 2002 to facilitate the sale. 

One key advantage when compared with other deal structures is that the liabilities 
can be left with the target company. However, there remain significant challenges in 
relation to an asset sale, the need to comply with formalities, and rights for each 
individual asset can be disproportionately time consuming. Kershaw claims that 
because of this, asset sales are more common in smaller private companies than in 
publicly traded companies in which they are very rare.” Moreover, whilst the asset 
sale does permit the ability not to take on liabilities, there are statutory measures 
where the buyer must assume certain liabilities, and such is the case with employees. 
Whilst asset sales may therefore present themselves as initially appealing, the burden 
of complying with each formality, and risk of potential breach for not complying 
becomes inherently more difficult. Furthermore, merely purchasing assets alone will 
not necessarily result in a cheaper outcome. There remains the cost of the 


'Milman (2014), pp. 1-5. 


?Kershaw (2016), p. 32; Fama and Jensen (1983), p. 301; Habersack (2018), p. 1; Kershaw 
(2007), p. 267. 
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transactions, and the price adjustment for the assets being sold. The directors will be 
under a duty to ensure a fair price is achieved for the assets being sold and will also 
need to ensure that the corporate constitution allows for such sales. Therefore, given 
the size and complexity insurance companies operate in, the formality arrangements 
may outweigh benefits which often come with the asset sale component of 
restructuring. 

In addition to the sale of assets, there is the contractual offer or the sale of shares 
which provides another avenue for corporate restructuring. Then contractual offer 
involves an offer which is made to shareholders directly to purchase their share- 
holding. The contractual nature of the transaction may require approval if there are 
restrictions in the articles of association or in a shareholders’ agreement. This is more 
common in a smaller private company as public companies are subject to the 
Takeover code? where there is no such negotiation, but an offer to purchase shares 
subject to specific terms. The shareholders dispensing of their shares can therefore be 
considered no different than the sale of any other property. The term ‘tender offer’ is 
also used to describe a contractual offer and they are often referred to as takeovers. 
Kershaw highlights that this method is the most common for companies seeking to 
take control of another.* Given the strict separate legal nature of a company,” the 
company will remain unaffected when a share sale is exercised. If the offeror is 
seeking to gain complete control but is unable to negotiate a purchase, then section 
979 of the Companies Act 2006 may provide some additional assistance in the form 
of “squeeze out’. This provision allows the offeror to acquire 100% providing they 
follow the squeeze out procedure. In this regard, the offeror is required to obtain 90% 
of the shares offered to force a purchase. Importantly, this 90% is not the total 
number of shares required but of the offer they are making.’ If the offeror already 
controlled 90% of the shareholding, then the requirement would be that they acquire 
90% of the 10% not possessed. Once this threshold is met, the offeror is bound to 
purchase all the shares on the terms offered.* 


2.1.2 Schemes of Arrangement 


Having evaluated the two methods of organisation which are premised on a con- 
tractual basis, this section will now proceed to consider the schemes of arrangement 
which can be used to implement a share transfer scheme or a merger scheme. Most 
jurisdictions provide for a specific statutory merger; however, in the UK, this is not 


3 detailed analysis of the Take-Over code is beyond the scope of this chapter, for a detailed 
analysis of this, see Kershaw (2016). 


“Kershaw (2016), p. 38. 

5Lim (2013), p. 480. 

6100% of the shareholding. 

7 Companies Act 2006, s 979 (5). 
8Tbid, s 981. 
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provided for and is instead dealt with under a scheme of arrangement. The closest the 
UK has come to forming a statutory footing for mergers is under The Companies 
(Cross-Border Mergers) Regulations 2007 which sets out the procedure for the 
merging of a UK company with an EEA company. A more detailed analysis of 
cross-border mergers will follow in the subsequent paragraphs. The benefit of this 
scheme of arrangement is that it is capable of dealing with more than just mergers, it 
can also be used to implement a share sale for control. One significant difference in 
respect of mergers and the preceding analysis on share sale and asset sales is that on 
completion of a merger one company is automatically wound-up. Whilst a company 
following an asset sale or share sale may be wound up shortly after the completion of 
the transaction, it is not a result of the transaction, whereas a merger is. 

The statutory basis for a scheme of arrangement is found within Parts 26 and 26A 
of the Companies Act 2006 ‘arrangements and reconstructions’. Part 26 deals with 
general arrangements and reconstructions whilst Part 26A provides additional 
requirements for companies which are in financial difficulty. The basic structure, 
irrespective of which part is utilised, is that there is a court order to consider the 
compromise or arrangement,” court sanctioning and registration.'° The benefits of 
the scheme of arrangement for companies in distress is that it can be utilised to 
restructure a company’s debt. Part 26A will apply where a company has encountered 
or is likely to encounter financial difficulties which may affect its ability to continue 
to operate as a going concern.'! Additionally, the arrangement must be between 
creditors of a class, or members with the purpose to reduce the financial difficulties. 
Moreover, an arrangement in under this part can include a reorganisation of the 
company’s share capital which may release funds to redress financial distress. The 
ability to be able to restructure both share structures for control and debt via credit 
affords insurance companies in distress with wider options than a merger scheme 
would typically provide for. 

The process for a scheme of arrangement pursuant to Parts 26 and 26A will now 
be set out. The first requirement is that there is meeting of creditors or members 
which is ordered by the court. An application for such an order for companies in 
distress can not only be brought by the company itself, but it can also be brought by a 
member or a creditor of the company. Moreover, for companies in distress the 
liquidator or administrator is also able to apply for a court ordered meeting.'* The 
requirement from the meeting is that each member or creditor who will be affected 
will be permitted to participate in the ordered meeting. If the scheme will only effect 
one class, then there is no requirement for a meeting for the class unaffected.'* Given 
that the arrangement is between the company and either the creditor, the consent of 
the company must be provided, and as such this process is unlikely to be utilised to 


*Ibid, ss 896 and 901C. 

10Tbid, ss 899 and 901F. 

11 Tbid, s 901A. 

Tid, s 901C. 

13 Re British & Commonwealth Holdings Ple (No 3) [1992] 1 WLR 672. 
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commence a hostile takeover.'* However, shareholders may be permitted through 
the articles or statutory provisions’ to call a general meeting where special resolu- 
tions could form the basis for approval. In addition to the court order for a meeting, 
there is the requirement for a statement to be circulated or made available.'° This 
statement is of significance because it must set out the compromise or arrangements 
effect. It is noteworthy that directors remain under a duty to provide information, and 
a default in relation to this is an offence and liable for a fine. 

Once the court ordered meeting has the requisite approvals, a court sanction must 
be applied to sanction the scheme.'’ For the court to sanction this, there is a 
minimum requirement of consent from the corresponding members or creditors. A 
minimum of 75% approval is required'® from the class of shareholders or creditors to 
which the scheme affects. Once the agreement is sanctioned it is binding on all 
creditors or members irrespective of whether they voted in favour of the scheme or 
not. ° For companies where a debt restructuring may affect a pension scheme there is 
the additional requirement for a notice to be sent to the pensions’ regulator in 
addition to the creditor,*” for insurance companies dealing with restructuring of 
pension debts this is an additional requirement to overcome to attain a scheme of 
arrangement. 

The procedure for restructuring debt or share structure is, therefore, one requiring 
three fundamental elements: a court ordering of a meeting, the court sanction of the 
scheme, and then the registration. As alluded above, the scheme of arrangement can 
be used widely to cover more than just share sales, such as a reorganisation of debt. 
Given the wide interpretation of scheme of arrangement, there is the capacity for a 
merger to fall within the remit of a scheme. The Companies Act provides the court 
with the power to amalgamate companies.”! This amalgamation is essentially a 
merger and allows the courts to transfer both assets and liabilities, and further allows 
for the dissolution of the transferee company following a completion of transfer to 
the transferor. Part 27 of the Companies Act adapts the scheme of arrangement to 
specific types of merging public companies as defined by section 904.” These are 
merger by absorption and merger by formation. The merger by absorption is 
whereby a proposed transfer under a scheme by one or more public companies is 
transferred to an existing company. Conversely, the merger by formation is where 
two or more public companies are proposing a transfer under a scheme into a new 
company. Upon successful transfer, the transferee companies will be dissolved 


'4 Re Savoy Hotel [1981] Ch. 351. 
15 Companies Act 2006, s 303. 
'Tbid, s 901D. 

Tid, s 901F. 

1'8 Thid, s 901F. 

Ibid, s 901F (5). 

0Tbid, s 9011. 

?1 Ibid, s 900 & 9011. 

?? Companies Act 2006. 
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without the need for liquidation. The avoidance of liquidation in favour of transfer 
and dissolution could be more attractive because of the significant costs involved 
with liquidation. 

The procedure under Part 27*° is analogous to Part 26;7* however, Part 27 pro- 
vides that a scheme under Part 26 must not be sanctioned unless Part 27 has been 
complied with respect to public companies’ requirements. The consequence of 
falling into Part 27 is that additional requirements need to be complied with. The 
significant additional terms are as follows: there must be draft terms of the scheme 
prepared,” these terms must then be published.” Additionally, there is the require- 
ment for both a director’s explanatory report?” alongside an expert’s report.” One 
advantage of Part 27 is in relation to ownership of the merging companies. If there is 
a requisite ownership or approval of 90% or more, than the requirement of a meeting 
is not required which can expediate and reduce the costs of the scheme. 

Therefore, it can be ascertained that schemes of arrangement for an insurance 
company in distress can be utilised to facilitate numerous restructuring methods,’ 
including restructuring of finance, mergers, and acquisitions.*° This restructuring 
requires court sanctioning and approval from the members or creditors, and for 
companies in distress additional provisions are required to be complied with to 
ensure protection of wider stakeholders. This section has evaluated and outlined 
the options available within the UK from a company law perspective on 
restructuring for insurance companies.*' The subsequent section will evaluate the 
role of cross-border mergers and their application to UK based insurance companies. 


2.2 Cross-Border Mergers 


This section will evaluate the options available to insurance companies where the 
proposed merger, acquisition or scheme extends further than domestic companies. 
Part 26° is only available where the company or companies are domestic; where 
they are not Part 26 cannot be used to facilitate a scheme. In an effort to provide for 
mergers within the European Economic Area (EEA) the European Union has 


3 Thid. 

4 Tid. 

?5Tbid, s 905. 

?6Tbid, s 906. 

?7Tbid, s 908. 

PS Thid, s 909. 

?For a further discussion, see Morse and Worthington (2010), Ch 12. 


30 Hostile takeovers have not been considered and are beyond the scope, for a detailed analysis of 
this as a method of control, see Kershaw (2016). 


3! McCormack (2020), pp. 11-22. 
>? Companies Act 2006. 
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provided a directive? to facilitate this. This has been implemented in the UK by The 
Companies (Cross-Border Mergers) Regulations 2007 (No. 2974) (hereafter ‘the 
regulations’). This section will first outline the applicability and procedure of the 
directive before considering the application specifically in relation to the UK. 


2.2.1 The Directive on Cross-Border Mergers of Limited Liability 
Companies 


The Directive aims to facilitate the cross-border merger of limited liability compa- 
nies where at least two of the companies have their principal place of business 
governed by different Member States.** The company which is subject to cross- 
border merger will still be required to comply with the provisions and formalities of 
the Member State’s national law.*° A merger under the directive includes the transfer 
of all assets and liabilities, the merger by absorption as has already been described, 
and a merger by formation, whereby two or more companies are dissolved and all 
assets transferred to the new company. 

Given the larger scope of cross-border mergers, there are additional requirements 
which need to be complied with to facilitate a merger. The draft terms of the merger 
must be published before a general meeting for each of the merging companies one 
month before.*° In addition to this, depending on the requirements within a Member 
State, these particulars of the merger must be published in the national gazette of the 
Member State in which the relevant company operates. Much like the merging of 
public companies under Part 27°’ there are reports which are required to be compiled 
and publicised. There is the requirement for a management or administrators 
report,*® alongside the report of an independent expert report.*” Once these reports 
have been presented to the members, they are able to be voted upon and gain 
approval at the general meeting. Following the approval by members, a 
pre-merger certificate needs to be obtained from the courts of the relevant competent 
authority. Before the completion of the merger, the courts will scrutinise the legality 
of the merger to ensure compliance. Following this approval, the law of each 
Member State in respect of registration will apply, and the relevant documents for 
the merger will be filed accordingly. The effect of a cross-border merger is similar to 


33Directive 2005/56/EC of the European Parliament and of the Council of 26 October 2005 on 
cross-border mergers of limited liability companies. Subsequently repealed and codified under 
Directive 2017/1132. 


34Directive (EU) 2017/1132 of the European Parliament and of the Council of 14 June 2017 relating 
to certain aspects of company law, Art. 118. 


Ibid, Art. 121. 
Ibid, Art. 123 (1). 
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38 Directive (EU) 2017/1132 of the European Parliament and of the Council of 14 June 2017 relating 
to certain aspects of company law, Art. 124. 
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a domestic one in that liabilities and assets are transferred into either the new 
company by formation or the transferee company absorbing the companies subject 
to the merger. The transferor companies will cease to exist following a successful 
merger.*° Where companies are related through pre-existing share structures, there 
are simplified formalities, such as there being no requirement for members’ 
approval.*! 

This consolidated framework provides the minimum formalities upon which 
Member States should seek to apply domestic law to cross-border mergers. It reverts 
back largely to domestic law for guidance in respect of cross-border mergers.** This 
may be in part due to the earlier directive in 2005 having largely been applied 
throughout the EEA Member States. This section has outlined the framework within 
the most recent directive relating to cross-border mergers. This directive provides 
clarity as to which domestic laws apply but often reverts back to domestic and local 
provisions. The next section will address how cross-border mergers are dealt within 
the UK and how the articles in the directives have been applied in a domestic 
context. 


2.2.2 The Companies (Cross-Border Mergers) Regulations 2007 
(No. 2974) 


This section will analyse the application of the directive on cross-border mergers and 
how they apply in the UK context when a domestic company is merged with an EEA 
company. The procedure on cross-border mergers was adopted into UK law follow- 
ing the 2005 EU directive. It provides for a merger where one of the companies 
subject to the merger is not a domestic company. The regulations provide for a 
merger without the need for the previously analysed scheme of arrangement. 

The regulations define a cross-border merger as one by absorption; absorption of 
wholly owned subsidiary or by formation of a new company.** The procedure 
outlined under this mechanism is procedurally similar to that outlined in Part 26.4 
Where a UK merging company wishes to merge, they must first seek court approval 
of the pre-merger requirements outlined in Part 2.*° Within this application there is 
the requirement for all the terms and effects of the merger to be clearly outlined. In a 
similar manner to both Parts 27*° and the directive*’ a directors’ report alongside, 


4°Tbid, Art. 131 (2)(c). 

4l Tbid, Art. 132 (1). 

42 Mukwiri (2019) accessed 17.4.2021. 
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and independent experts report is required. Once the requisite disclosures and 
publications have been complied with, then the subsequent vote from the members, 
and creditors if required, which requires a 75% approval for the merger to be 
accepted.** These formality requirements do not apply where a company is seeking 
to absorb a wholly owned subsidiary. Once the required formalities and votes have 
been complied with then the court may approve the cross-border merger.‘ The 
consequences are similar to the domestic scheme of arrangement whereby the assets 
and liabilities are transferred, and the transferor companies are dissolved. 


2.2.3 The Effect of Brexit 


The effect of the UK’s withdrawal of the EU is likely to have a significant impact on 
the functioning of cross-border mergers within the UK and across the wider EEA 
Member States. The regulations governing the cross-border mergers have been 
revoked pending the UK’s withdrawal.” The result of this is that from the relevant 
‘exit day’,>! i.e. 1 January 2021 the cross-border mergers have ceased to be an option 
for insurance companies wishing to complete a merger with a company outside of 
the UK. The timeframe for completion of a cross-border merger requires that all 
pending mergers must also be complete by the exit day for the formalities to be met. 

Solvency II created, for the first time, a fully harmonised regime for the prudential 
regulation of insurance and reinsurance businesses in Europe.” 

Looking specifically at Solvency II, post Brexit, the UK needs to domesticate the 
elements of the regime that are currently entrenched in EU legislation, and because 
the UK will also no longer be under any obligation to apply Solvency II standards to 
UK (re) insurers, the PRA may make further changes to the UK rules. As post- 
implementation period, the UK is treated as a third country and UK (re)insurers are 
subject to rules established by the Directive for third country (re)insurance under- 
takings in the same way as other non-EEA firms wishing to carry on insurance 
business in the EEA. In addition, as the Withdrawal Act preserves a very high 
proportion of this corpus of law as ‘retained EU law’ the interpretation of retained 
EU law will be a matter of law. The approach, as stated above, is to treat EEA states 
and EEA firms consistently with other third countries and firms. This includes the 
possible assessment of the EU regime as equivalent to the new, domestic or 
domesticated legal with temporary divergence so as to minimise disruption and 


SThe Companies (Cross-Border Mergers) Regulations 2007, ss 13 (1) and 14. 
Ibid, s 16. 


°°The Companies, Limited Liability Partnerships and Partnerships (Amendment etc.) (EU Exit) 
Regulations 2019, s 5. 
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avoid material unintended consequences for the continuity of financial services 
provision.” 

The procedure for insurance companies wishing to merge either domestically or 
with another EEA company is a court governed proceed with varying degrees of 
formality requirements attached depending on the type of company. The benefit of 
the cross-border regulations and directive is that it permits two or more companies to 
merge from different jurisdictions and with different registration requirements. The 
removal of these regulations from an UK perspective reduces the options available to 
insurance companies in distress as they will not be able to restructure from outside 
the UK. The domestic scheme of arrangement is a flexible tool which not only allows 
for mergers and acquisitions but also allows for debt restructuring which could be a 
valuable tool for insurance companies in distress. This section has considered the 
options available on both a domestic and European level to insurance companies in 
distress with respect to restructuring. The following section will evaluate additional 
considerations which companies in distress need to take into account when consid- 
ering options to restructure. 


2.3 Further Considerations 


This section will propose some further considerations that companies and their 
respective corporate managers should evaluate when considering restructuring. It 
will consider the options of winding-up alongside administration as alternative 
options to mergers and acquisitions. It will then highlight the importance of the 
fiduciary duties attached to corporate managers when restructuring. 


2.3.1 Administration 


The purpose of administration is to rescue the company, this can be viewed differ- 
ently from winding-up. Rescue may not be considered due to the decisions of the 
members or the financial position the company may find itself in. The benefit of 
administration is that whilst the primary aim is to rescue the company as a going 
concern, wider conceptions of rescuing property or elements of the company may 
also be considered.** 

Administration can be entered into by court order or without one. The main 
benefit of administration is the Moratorium which prevents creditors enforcing 
claims against the company” which allows greater time for insurance companies 
in distress to evaluate options. The formal appointment of a licenced administrator is 


3Tbid, 30-41. 
“Ibid, Schedule B1.; Davis (2004), pp. 124-126. 
*Tbid, Schedule B1, 42 and 43. 
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required to manage the company and take control of the process.°° Another benefit 
of administration is the availability of pre-packs.”’ This is where trade deals and 
negotiations are carried out prior to entering administration, with an agreement to 
buy the company or part of the company once the administration process is entered 
into.” The great advantage of this mechanism is that it can reduce the impact that 
insolvency proceedings have, and allow successful elements of the company to be 
sold whilst certain liabilities can remain with the insolvent company to enter into 
liquidation. Therefore, despite the substantial regulation surrounding, the availability 
of the ability to pre-package elements of the company for sale is likely to be 
advantageous for companies in distress. Moreover, the ability for pre-pack admin- 
istration allows for quick resolution which could avoid negative publicity for larger 
insurance companies. Given that insurers will be selling a product to cover a period 
of time, coverage of insurance companies at risk could further exacerbate the distress 
the insurance company is in. The pre-pack administration allows for a procedure 
whereby this could be avoided or minimised. Furthermore, this allows the insurance 
company to seek to rescue the company in its entirety or its profitable elements. 


2.3.2 Winding-Up 


Although winding-up may not fall into the strict remit of reorganisation, it is worth 
consideration for insurance companies in distress.°’ Under the Insolvency provi- 
sions, a company which is subject to a member’s voluntary liquidation may 
empower its liquidator by special resolution to transfer the whole or part of the 
business or property to another company in return for shares. Insurance companies 
which form part of a larger corporate group may upon consideration seek to liquidate 
one of their related companies as opposed to merging or acquiring. 

The process for winding-up is that assets of the company are collected and 
realised, the liabilities are discharged, and the surplus returned to persons entitled. 
A benefit of winding-up is that it can be carried out either whilst solvent or insolvent. 
The members of a company are free to propose this winding-up.°' Similarly to the 
procedure under mergers, there remains the requirement to engage with the court for 
winding-up. A petition must be presented, followed by an advertisement and a 
subsequent hearing to make a winding-up order. The effect of the winding-up 
order results in a liquidator taking control of the company” to facilitate the 


56Tbid, Schedule B1, Paragraph 6. 
"Ibid, Schedule B1, Paragraph 59. 
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winding-up of the company and the distribution of assets. In this regard, for 
insurance companies in distress, winding-up procedures could assist in the dissolu- 
tion of the company where restructuring may not be of economic benefit. 


2.3.3 Director’s Duties 


Director’s Duties do not operate in a vacuum and are not a restructuring method or 
rescue procedure as per the preceding sections. The duties are a further consideration 
for directors or corporate managers for companies who are in distress and seeking to 
restructure, trade through or wind up. Director’s duties are fiduciary in origin and 
most jurisdictions now have their own statutory basis.°’ Within the UK the duties are 
found in the Companies Act™ which outlines the general duties and standards which 
directors need to uphold.©° 

In the context of companies in distress, directors and corporate managers should 
ensure that they are exercising these duties in accordance with due care and diligence 
requirements.°° Two specific considerations are relevant to dealing with corporate 
rescue when companies are in distress.°’ The first is wrongful trading,°* while the 
second is fraudulent trading. Continuing to trade through and failing to recognise the 
need for restructuring or rescue could result in director disqualification®? or an order 
for contribution for losses.’° To be liable, the director needs to have known or ought 
to have known that insolvent liquidation was unavoidable.’! This relates to a 
standard of behaviours which can be linked to the director’s duties provisions in 
the Companies Act. This is of significance as if the directors are considering 
pre-pack administration or a scheme of arrangement then they ought to consider 
the impact of their delay to action this, ensuring that this is carried out before rescue 
is possible.’” Moreover, fraudulent trading can constitute a criminal offence”? that is 
wider than wrongful trading as it will include any persons who were knowingly 
contributing to continuing to trade with intent to defraud.”* Therefore, given the civil 
and criminal consequences which can be attached to corporate managers of 


©3For a more detailed analysis and discussion on directors’ duties, see Omar (2018). 
Companies Act ss 170-182. 

65 See Keay (2011), p. 138; Arden (2010), p. 1. 
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companies in distress, mitigation and consideration of these principles should be 
borne in mind when evaluating rescue stories. 

This section has evaluated the ways in which goals to restructure whilst in distress 
can be attained through the tools available from company law. It has assessed the 
availability of mergers and acquisitions alongside cross-border mergers to ascertain 
how attractive these tools may be to an insurance company in distress. Moreover, it 
has emphasised the challenges to cross-border mergers to companies based in the 
United Kingdom following the withdrawal from the European Union. Additionally, 
the scheme of arrangement for domestic purposes allows for a broad use to encom- 
pass debt restructuring. The following section will consider the restructuring of 
insurance companies through insurance law, including an evaluation of the insurance 
portfolio transfer and the tools available through the Solvency II Directive. 


3 Restructuring of Insurance Companies Under 
Insurance Law 


3.1 Insurance Portfolio Transfers 


The process of insurance portfolio transfers in the EU was set by the Third Non-Life 
Directive,” the Consolidated Life Directive”? and the Reinsurance Directive,” all of 
which set the legal and regulatory framework for the procedures, enabling a single 
official authorisation granted by the competent authorities of the country of 
company’s head office, allowing it to be also recognised in other EU Member States. 
The consent of the policyholder was not regarded as essential and was not needed 
and the latter was to be notified only after the transfer has already been authorised.”* 
The company accepting the portfolio had to abide with the solvency requirements in 
its home country and with those of the country of the branch, if a branch is 
transferred. The Directives establish a basic unified framework to limit jurisdictional 
discrepancies. ’” Of the starkest differences in portfolio transfers regulation are the 
ones noted in civil and common law countries®*’ regarding the body responsible for 


Council Directive 92/49/EEC of 18 June 1992 on the coordination of laws, regulations and 
administrative provisions relating to direct insurance other than life assurance and amending 
Directives 73/239/EEC and 88/357/EEC (third nonlife insurance Directive), OJ L 228/1. 


76 Directive 2002/83/EC of The European Parliament and of The Council of 5 November 2002 
concerning life assurance (Life Directive), OJ L 345/1. 


™ Directive 2005/68/EC of the European Parliament and of the Council of 16 November 2005 on 
reinsurance and amending Council Directives 73/239/EEC, 92/49/EEC as well as Directives 98/78/ 
EC and 2002/83/EC, OJ L 323/1. 
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the transfer authorisation, i.e. the courts, in the latter case, and the supervisory 
authorities in the former case. 

Such discrepancies result in problems as in common law countries, courts may 
authorise the transfer of portfolio and any accompanying contracts, whereas the civil 
law supervisory authority can only decide on the transfer of portfolio itself, leaving 
the rest to negotiations, hence the need for a discussion of the transfer with reinsurers 
whose contracts are being transferred so as to have their prior consent, so as to ensure 
the continuation of coverage”! 


3.2 Insurance Portfolio Transfers (Solvency II) 


Article 39 of Solvency II replaces the regime of Article 14 of Directive 2002/83/EC 
of 5 November 2002 allowing in effect an insurance undertaking to transfer a 
portfolio of contracts to an insurance undertaking established in a Member State 
after it has received the authorisation of the supervisory authority of its home 
Member State. As per Article 39 of Solvency II, it is stipulated that under the 
conditions laid down by national law, Member States can authorise insurance and 
reinsurance undertakings with head offices within their territory to transfer all or part 
of their portfolios of contracts, concluded either under the right of establishment or 
the freedom to provide services, to an accepting undertaking established within the 
EU. The prerequisites for such an authorisation are that the competent authority of 
the home Member State of the accepting undertaking certifies that this undertaking 
possesses the necessary eligible own funds to cover the Solvency Capital Require- 
ment, to cover the Solvency Capital Requirement as per Solvency II Article 
100, after taking the transfer into account. It is up to the supervisory authorities of 
the home Member State of the transferring insurance undertaking to authorise the 
transfer after obtaining the agreement of the authorities of the Member States where 
the contracts were concluded, either under the right of establishment or the freedom 
to provide services. In addition, the competent authorities of the Member States 
where the contracts were concluded have consented or did not oppose within a 
period of three months after receiving a request for consultation. 

Post Brexit and post the expiry of the transition period, UK insurers and rein- 
surers who may want to pursue the option of a portfolio transfer will not be able to 
conduct such a transfer under Art. 39 of Solvency II, as the provision does not apply 
to third-country insurers and reinsurers. It is questionable if the specific portfolio- 
transfer rules will apply to portfolio transfers of UK insurers after the expiry of the 
transition period.*? 
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3.3. Winding-Up (Solvency II) 


This section will analyse the rules for winding-up insurance companies under 
Directive 2009/138/EC. Regulation on winding-up of insurance companies under 
insurance law are set out specifically in Solvency II under the Title IV 
‘reorganisation and winding-up of insurance undertakings’. The directive does 
not harmonise national legislation but provides a framework for mutual understand- 
ing for Member States on the process of winding-up of an insurance company. The 
directive limits the definition of winding-up to the collective proceedings which 
involving the realisation of the assets of an insurance undertaking and distributing 
among the creditors.** The purpose of winding-up is therefore to liquidate and 
realise assets and distribute the proceeds to the creditors in the order of priority as 
identified by the directive. 

Chapter IMI® sets out the procedure to be followed for winding-up. The compe- 
tent authorities of the home Member States are the only parties entitled to make a 
decision concerning the opening of winding-up proceedings.*° ‘Competent author- 
ities’ are the administrative or judicial authorities of the Member States which are 
competent for the purposes of reorganisation methods or winding-up proceedings. *’ 
The decision to commence winding-up proceedings of insurance undertaking shall 
be governed by the applicable law in the home Member State unless otherwise 
provided in Articles 285-292.** The law of the home Member State will therefore 
govern the proceedings unless this contradicts the provisions in Articles 285-292. In 
this regard, the directive is not providing harmonisation, but providing that the 
relevant jurisdiction to oversee the winding-up will be that of the home Member 
State. Article 274 provides a list of what the law of the home Member State must 
determine, notably including the assets which form part of the state, the role of the 
liquidator, the effects of proceedings on current insurance contracts, the rules 
governing claims, and ascertaining who bears the cost of winding-up. 

In relation to insurance claims, Member States are required to ensure that 
insurance claims take precedence over other claims except for employee’s rights, 
tax systems and rights in rem.*° Under Article 276, insurance undertakings are also 
required to keep a special register of all calculated special provisions. Once winding- 
up provisions have commenced, this register may not be amended except with for the 
very limited reason of clerical error. 


83 Directive 2009/138/EC of the European Parliament and of the Council of 25 November 2009 on 
the taking-up and pursuit of the business of Insurance and Reinsurance (Solvency I). 
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Chapter IV contains the common provisions which provide additional provisions 
notwithstanding the position of the law from the home Member State. Article 285 by 
way of derogation introduces some additional guidance. Employment contracts are 
to be governed exclusively by the law of the Member States applicable to the 
employment contract or employment relationship. Contracts conferring the right to 
make use of or acquire immovable property are to be governed where the property is 
situated. With regards to insurance over immovable property, a ship or aircraft 
subject to registration in a public register, this is to be governed by the law of the 
Member State in which the register is kept.”° The rights in rem will not be affected in 
respect of tangible or intangible, movable or immovable objects, both specific and 
indefinite assets, for which Article 286 provides additional guidance as to the remit 
this includes. The same is true of goods or property subject to retention of title and 
set off, winding-up proceedings will not affect the application of these principles. 

The directive in relation to winding-up therefore prescribes very little in addition 
to that of the home Member State of the insurance undertaking. When an insurance 
company becomes insolvent”! the decision to wind up the company is made by 
competent authorities in the EU country in which the insurance company is regis- 
tered. The directive provides that with exception of some express provisions, 
outlined above, the law of the home Member State will function to wind up the 
insurance undertaking. Therefore, the directive is more facilitative in providing a 
framework outlining the circumstances in which Member State law applies.” 
However, the home Member State must have a supervisory authority which must 
inform their counterparts in the EU countries about the decisions of the winding-up 
procedure and any implications.” This has been applied since with Advocate 
General Hogan providing the opinion that it is up for the home Member State to 
decide upon how winding-up proceedings are undertaken. In this regard, Solvency 
IL, whilst providing clarity on jurisdictional application of the law, in terms of which 
jurisdiction prevails, does little to amend substantive winding-up procedures for 
insurance undertaking within their home Member State. 

If an insurance company becomes insolvent, the decision to reorganise or wind up 
the company is made by the relevant authorities in the EU country where the 
insurance company is registered. The supervisory authorities must tell their coun- 
terparts in all other EU countries about the decision, including any practical impli- 
cations. Winding-up proceedings apply to all EU branches of the insurance 
company. Creditors must all be informed and treated in the same way, regardless 
of the EU country they are based in. The Solvency II Directive gives EU countries 
different options for dealing with insurance claims when winding-up an insurer. 
They can either give insurance claims absolute priority over all other claims on the 
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insurer, give insurance claims priority but allow claims on salaries, social security, 

taxes and assets to take precedence over insurance claims, or decide that the costs of 
en as . tok n A 94 

winding-up the insurer take priority over insurance claims. 


3.4 Reorganisation Measures (Solvency II) 


Similar considerations apply to the rules dealing with reorganisation measures (Title 
IV, Chapter II, Articles 269-272 of the Directive 2009/138/EC). The directive 
establishes coordination rules to ensure that the reorganisation measures adopted 
by the competent authority of a Member State to preserve or restore the financial 
soundness of an insurance undertaking produce full effects throughout the Commu- 
nity, in compliance with the law of the home Member State. The reorganisation 
measures referred to in the directive concern measures involving any intervention by 
the competent authorities which are intended to preserve or restore the financial 
situation of an insurance undertaking, and which affect pre-existing rights of parties 
other than the insurance undertaking itself, including but not limited to measures 
involving the possibility of a suspension of payments, suspension of enforcement 
measures or reduction of claims.” Other reorganisation measures such as the 
portfolio transfers of insurance companies or the appointment of an administrator 
to perform specific actions against the financial distress may also apply. 

According to the directive, the reorganisation measures shall not preclude the 
opening of winding-up proceedings by the home Member State. Also, the 
reorganisation measures taken in accordance with the legislation of the home 
Member State shall be fully effective throughout the Community without any further 
formalities, including against third parties in other Member States, even where the 
legislation of those other Member States does not provide for such reorganisation 
measures or alternatively makes their implementation subject to conditions which 
are not fulfilled. Such measures shall be effective throughout the Community once 
they become effective in the home Member State.”° To achieve mutual recognition 
of the reorganisation measures throughout the Community, it is necessary for the 
competent supervisory authorities of the Member States to cooperate and to coordi- 
nate their actions. 

The lex concursus rule, which stipulates that the reorganisation measures shall be 
governed by the laws, regulations and procedures applicable in the home Member 
State is not absolute. There are some deviations from this rule, which are provided in 
in Articles 285 to 292 of the directive. 
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The purpose of the directive does not seem to be the harmonisation of the national 
laws of the Member States in respect of the reorganisation measures for insurance 
undertakings that apply in each Member State, but rather to enhance the cooperation 
between the various Member States in such cases. Therefore, the directive aims to 
have binding force on all Member States to which it is addressed only in respect of 
the result it seeks to obtain, while it allows Member States freedom of choice on the 
means that can be applied to achieve the result, in matters in which national 
deviations and peculiarities need to be considered. In this respect, it seeks to 
establish coordination rules so that decisions by other Member States on the adop- 
tion of reorganisation measures can be fully effective in other Member States as soon 
as they take effect in the home Member State.’ 

The coordination of the competent authorities in respect of the adoption of 
reorganisation measures is addressed through a combination of the principles of 
unity, universality and coordination. The principle of unity is expressed through the 
exclusive competence that each Member State grants to its competent authorities to 
take decisions on reorganisation measures concerning a particular insurance under- 
taking, including its branches. It is only the home Member State’s supervisory 
authority of the insurance undertaking in distress that may adopt the relevant 
reorganisation measures and hold sole responsibility for them. 

The principle of universality is expressed through the following rules:”* 


(a) Recognition of the sole jurisdiction of the competent authority in respect of the 
reorganisation measures that are adopted in accordance with the law of the home 
Member State. 

(b) The application of a single system of law, the law in force in the home Member 
State (lex concursus). 

(c) The automatic recognition of the reorganisation measures adopted by the com- 
petent authority of the home Member State in accordance with the law if this 
Member State in all the other Member States. 


This automatic and mutual recognition of reorganisation measures in all EU 
Member States plays a decisive role in the coordination of decisions concerning 
reorganisation measures for insurance undertakings before they find themselves in 
financial distress. 

The coordination of the Member States on ensuring that the effects of decisions 
on reorganisation measures are produced throughout the European Union is 
achieved through the provision of relevant information to the supervisory authori- 
ties. In this respect, the competent authorities of the home Member State shall inform 
as a matter of urgency the supervisory authorities of that Member State of their 
decision on any reorganisation measure, where possible before the adoption of such 
a measure and failing that immediately thereafter. Then, the supervisory authorities 
of the home Member State shall inform as a matter of urgency the supervisory 


° Directive 2009/138/EC (Solvency II), Art. 269 par. 5. 
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authorities of all other Member States of the decision to adopt reorganisation 
measures including the possible practical effects of such measures.”” 

All insurance companies can face difficulties for various reasons. When such 
difficulties occur, it is to ensure that these are managed in a manner that minimises 
the impact on financial stability, policyholders and beneficiaries in all Member States 
involved.'°° In this respect, it is important that there is a legal framework in place 
providing the insurers with the appropriate tools and means to prevent or reserve a 
deteriorating financial situation of an insurance undertaking. As a general comment, 
it is to consider that a legal framework cannot solve financial problems of a company 
in distress but can be of help in terms of facilitating a restructuring process and 
enabling a smooth implementation of the restructuring measures taken from the 
competent authority on behalf of the company in distress.'°' Therefore, even if an 
efficient legal framework is in place, some companies in distress may recover but 
other may fail. However, it is important to achieve at the EU level a minimum 
harmonisation of national laws of the Member States in this respect by introducing 
general principles relating to recovery and resolution frameworks (i.e. appropriate 
preventive measures and pre-emptive recovery planning) for insurance undertakings 
to apply in a proportionate way, while at the same time leaving room for Member 
States to adopt additional measures at national level being compatible with the above 
general principles and requirements set at the EU level.'°* 


4 Greek Case Study: Aspis Pronia 


4.1 The Legal Framework 


In 2008, the supervision of insurance companies was passed from the Ministry of 
Trade to a legal entity namely the Private Insurance Supervisory Committee 
(PISC),'°* and in a short period thereafter it was further passed to the Bank of 
Greece which became the sole regulator of the private insurance sector.'°* The state 
supervision of the Greek private insurance and reinsurance industry is mainly 
governed by Law 4364/2016, which introduced in Greece the Solvency II Directive 


°° Directive 2009/138/EC (Solvency II), Art. 270. 

100 Central Bank of Ireland (2020), pp. 3, 4. 

101 See Baird (2010), p. 256: ‘Legal rules cannot cure nonlegal problems. Legal rules cannot make 
the imprudent wise and the unlucky fortunate. [. . .] Bankruptcy law cannot work miracles, and more 
harm than good comes from seeking that which cannot be had’. 

102 See Opinion on the 2020 Review of Solvency II (Chapter 12), EIOPA-BoS 20/749, 17 December 
2020; Central Bank of Ireland (2020), pp. 3-4. 

103 The PISC took over the supervision of insurance companies on 01.01.2008 by virtue of Art. 1 of 
Law 3229/2004. 


104The Bank of Greece took over the supervision of insurance companies on 01.12.2010 by virtue 
of Art. 1 par. 1 of Law 3867/2010. 
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(2009/138/EC), Articles 2 and 8 of Directive 2014/51/EU and Article 4 of Directive 
2011/89/EU. The insurance intermediaries’ conduct of business is governed by Law 
4583/2018 (implementing the Insurance Distribution Directive (IDD)). Insurers and 
reinsurers must conduct their business in a fit and proper manner and comply with 
the regulatory obligations that have been set to safeguard their soundness. These 
obligations are also compliant with the provisions of the EU Solvency II legislative 
framework enacted in Greece in 2016 (Law 4364/2016). On capital requirements, 
each insurance and reinsurance company is obliged to comply with the Solvency II 
regulatory requirements. For reinsurance companies, the minimum solvency margin 
should amount to at least 3 million Euros pursuant to Article 267 of Law 4364/2016. 
Insurance and reinsurance companies are placed under compulsory winding-up 
proceedings if their licence has been revoked on the grounds of failing to abide by 
solvency requirements, or if the regulator has frozen their assets pursuant to Law 
4364/2016. The proceedings have immediate effect in all EU and EEA Member 
States where the insurer is established. The liquidator is appointed by the country’s 
regulator and has the duty to notify all persons who are entitled to insurance 
compensation and domiciled in other EU and EEA Member States about the pro- 
ceedings and the procedure to notify their claims. Claims arising from compulsory 
third-party liability insurance are covered by the Auxiliary Fund. Claims arising 
from life assurance are handled by the Private Insurance Guarantee Fund 
(established by Law 3867/2010).!°° 


4.2 The Case of Aspis Pronia 


Aspis Pronia General Insurances S.A., a member of Aspis Group of Companies, was 
a Greece-based insurance company providing insurance plans for pension and 
investment programs, medical, family, individual and child coverage, as well as 
property and casualty insurance for over 1 million citizens in Greece, all of which— 
as a result of the company’s license having been revoked since 2009 because of 
Aspis Pronia’s inefficiency to cover its large financial deficit that exceeded EUR 
500 million, had been left in an unstable status quo. 

The revocation of the company’s license came as no surprise to the Greek market. 
Already since 2002 there were assumptions that there were issues with Aspis Pronia. 
Greek audit services have made discoveries over the company’s financial assets such 
as properties in Cyprus in inexistent locations, or properties in Romania that were 
appearing to cost as much as four times over their real price, while officials pertained 
that the former CEO Pavlos Psomiadis and his family have had misappropriated 
funds that reached EUR 50 million during and over the last 10 years of the 
company’s operation. The company was asked to find funds to cover the EUR 
250 million deficit and as no solution was reached, the license of Aspis Pronia was 


105 Giomelakis et al. (2020). 


192 K. Noussia et al. 


revoked, leaving over one million people in limbo. The Greek government acted by 
binding 50% of the assets of the Aspis insurance fund to prevent a following 
liquidation of the remaining assets of Aspis Pronia that were estimated at around 
EUR 130 million, for the benefit of the employees and those that were insured with 
Aspis. But, up until a solution would be found for the insureds of Aspis—such as 
transferring the contracts to other insurance companies (in fact a large amount of the 
contracts were already transferred to other insurers and relatively rapidly, but 
because most of these insurance policies were concerning health-covering costs or 
pension funds programs that had to be covered soon enough, it would mean no profit 
for the companies and no insurance firm was willing to take them), the Public 
Auxiliary Fund was appointed to cover the losses of Aspis and cover them. Those 
insureds have had to be compensated by the Life Guarantee Fund with 70% of their 
demands. "° 

As in other financial sectors,'°’ guarantee funds have been set up for the protec- 
tion of insureds and third parties in the insurance sector. °’ The Auxiliary Fund was 
established in 1986 to cover damage caused by car accidents and to give to third 
parties access to financial cover for damage and personal injuries caused by motor 
vehicles for any reason, and in any case not due to intentional misconduct by the 
insured, or when the insured cannot be identified, thus allowing the exemplification 
of a socio-economic safety net and purpose that benefits the public and the market. 
All insurers have had to participate in the Auxiliary Fund, which aimed to restate the 
insurer to its obligations and covered the risks of third-party liability in the event of 
insolvency or revocation of the operation licence. 

Following the revocation of the operating license of Aspis Pronia AEGA was 
revoked in 2009/2010 by Greek Government Gazette Vol 11292/21-09-2009 and 
Greek Government Gazette Vol 1468/26-02-2010 respectively, and the situation 
which evolved, i.e. the fact that thousands of Greek policyholders were left uncov- 
ered and uninsured in spite of having paid their premiums, a solution, albeit interim, 
was sought and it was under the ambit of the Greek Regulator (i.e. the Bank of 
Greece) that the Private Life Insurance Guarantee Fund was founded.'©’ Hence, the 
Greek legislature attempted to regulate and supervise the operation of life insurers by 
introducing the Private Life Insurance Guarantee Fund and its Management Com- 
mittee, which is composed of insurers (Articles 9, 11 and 12 of Law 3867/2010) also 
attempting to prevent any attempts to abuse the existence of funds and to protect 
policyholders. Further, the above special law on the Supervision of Private Insurance 
was introduced with the aim to achieve the rescue of the existing funds through the 


106 Xprimm (2012). 

107 Guarantee funds intended to protect customers of financial sector firms are established and 
operate in Greece in accordance with the respective EU directives (i.e. for credit institutions, the 
Deposit Guarantee and Investment Fund; for investment firms, the Co-guarantee Fund; and for 
credit risks relating to the settlement of the stock exchange transactions, the Auxiliary Fund); Issaias 
and Kalogerakou (2015). 

1087 ssaias and Kalogerakou (2015). 

10 Thid, 
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portfolio transfer of the above insurance companies in distress to a third party— 
successor of those insurance portfolios. '!° For the case whereby such portfolio 
transfer was not successful for any reason, this special law provided for a liquidation 
scenario and the termination of all relevant insurance policies. 

In this respect, the Greek regulator (Bank of Greece) issued a decision on the 
special process of the portfolio transfer of the above insurance undertakings as well 
as the required qualifications of the potential successor of such portfolios. |! The 
efforts of the portfolio supervisors to transfer the insurance portfolios of Aspis 
Pronoia remained unfruitful, among others, from failure to adequately estimate the 
exposure risk inherent in such transfer.'!* Finally, the deadline set by the Greek 
regulator for the completion of the transfer lapsed and a relevant decision was issued 
confirming the failure of the portfolio transfer process and also regulating the details 
of the inevitable liquidation scenario under the Legislative Decree 400/1970.! w 

In the case of Aspis Pronia, whose operating licence was revoked and which 
finally entered into liquidation, the Council of State has held''* that the liability of 
the state and its organs (i.e. civil servants) exists only in case of major fault on the 
part of the regulator. The Supreme Administrative Court has also found’ "> that the 
facts surrounding Aspis Pronia did not justify the triggering of such liability. Within 
the reasoning of this decision, the court held that the introduction of the law on the 
Private Life Insurance Guarantee Fund, which protected the insureds in that case, 
was a fundamental reason why the general basis of liability''° for acts or omissions 
of state organs cannot apply directly in cases where the action is brought against the 
regulator for acts or omissions of its officers in the performance of their supervisory 
duties.''” 

On 1 February 2021, the insurance liquidator announced the allocation of € 
20 million from the Private Life Insurance Guarantee Fund to meet claims from 
life insurance claims of Aspis Pronia AEGA which is under Insurance Liquidation. 
As per this announcement, the temporary distribution of each beneficiary, is to be 
made exclusively under the responsibility of the insurance liquidator after a propor- 
tional distribution, from his part, of the advance of € 20 million based on the amount 
of the claim of each beneficiary, which is amounting to circa 6.66%.''® 


110 Article 2 par. 1 b) of Law 3867/2010; Sobolou (2016). 
Decision No. 37/5/20-4-2012 of the Credit and Insurance Committee of the Bank of Greece. 


112 See relevant decision of the Credit and Insurance Committee of the Bank of Greece (Decision 
No. 37/4/20-4-2012). 


113 Decision No. 41/1/1-6-2012 of the Credit and Insurance Committee of the Bank of Greece. 
"l4Decision 3783/2014; Issaias and Kalogerakou (2015). 

115 Decision 3783/20141; Issaias and Kalogerakou (2015). 

116 Article 105 of the Greek Civil Code; Issaias and Kalogerakou (2015). 


117 Although this law was introduced only after the collapse of the insurer and the insureds and/or 
the failed insurer had paid no contributions to the Private Life Insurance Guarantee Fund, when the 
insurance policies were issued, they were covered by the fund; Issaias and Kalogerakou (2015). 


118 Asfalistiki Agora (2021). 
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5 Conclusions 


The restructuring of insurance companies is at points needed, be it in company law 
through the mechanism of M&A, or under EU legislation via portfolio transfer, or be 
it as winding-up and/or portfolio transfer as per the Cross-Border Mergers directive, 
as well as under the Solvency II directive. The position under the EU legislation and 
the paradigm of the case study of the winding-up of Aspis Pronia in Greece in 2009 
has shown that there exists fragmentation in the insurance portfolio transfers 
harmonisation in the EU. Our discussion has shown that asset sale has challenges 
within it as a process, but, when compared with other deal structures, is advanta- 
geous in that the liabilities can be left with the target company, and a major 
disadvantage is the existence of statutory measures asking the buyer to assume 
certain liabilities. Moreover, the large-scale formalities within asset sales presents 
its own significant costs, resulting in its limited application for most insurance 
companies. The contractual offer or the sale of shares is a method most common 
for companies seeking to take control of another company. There is also the route of 
adopting a scheme of arrangement, such as a share transfer scheme or a merger, 
which has the benefit of at the same time having the option to effect a merger and 
also implement a share sale for control. As our discussion has shown, schemes of 
arrangement for an insurance company in distress can be utilised to facilitate 
numerous restructuring methods, including restructuring of finance, mergers, and 
acquisitions. ' 19 The Directive on cross-border mergers sought to facilitate the cross- 
border merger of limited liability companies where at least two of the companies 
have their principal place of business governed by different Member States. 120 Tris a 
Directive that provides clarity as to which domestic laws apply but often reverts back 
to domestic and local provisions. The application of the directive on cross-border 
mergers and how they apply in the UK context when a domestic company is merged 
with an EEA company if all required formalities and votes have been complied with, 
the court may approve the cross-border merger. ‘7 The consequences are similar to 
the domestic scheme of arrangement whereby the assets and liabilities are trans- 
ferred, and the transferor companies are dissolved. Following Brexit, regulations 
governing the cross-border mergers have been revoked because of the UK’s with- 
drawal,'** and cross-border mergers have now ceased to be an option for insurance 
companies wishing to complete a merger with a company outside of the UK. As 
discussed, Solvency II created, for the first time, a fully harmonised regime for the 


119 Hostile takeovers have not been considered and are beyond the scope, for a detailed analysis of 
this as a method of control, see Kershaw (2016). 


120 Directive (EU) 2017/1132 of the European Parliament and of the Council of 14 June 2017 
relating to certain aspects of company law, Art 118. 


121 Thid, s 16. 


122The Companies, Limited Liability Partnerships and Partnerships (Amendment etc.) (EU Exit) 
Regulations 2019, s 5. 


Restructuring, Winding-Up & Portfolio Transfer of Insurance Companies in. . . 195 


prudential regulation of insurance and reinsurance businesses in Europe.'** Insur- 
ance companies have the option to effect a winding-up process which even if it does 
not fall into the strict remit of reorganisation is worth consideration for insurance 
companies in distress, as its effect is that a liquidator taking control of the com- 
pany!“ to facilitate the winding-up of the company and the distribution of assets, 
hence assisting in the dissolution of the company where restructuring may not be of 
economic benefit. In Greece, when the operating license of Aspis Pronoia AEGA 
was revoked in 2009/2010 and a large number of policyholders were left uncovered 
and uninsured in spite of having paid their premiums, the Greek state intervened and 
used the Private Life Insurance Guarantee Fund as a guardian interim mechanism to 
seek to protect the interests of policyholders. No solution has been found to date as 
there has been no interest in buying the bad portfolio of the defaulted insurance 
company. The above analysis and discussion, demonstrates the attempts to harmo- 
nise the legal landscape, and the struggles to achieve homogeneity, even more in a 
post Brexit era. On reorganisation and winding-up proceedings, Solvency II may 
fulfil the goal of ensuring coordination and cooperation between the supervisory 
authorities of the Member States in respect to the mutual and universal recognition of 
reorganisation measures and winding-up proceedings throughout the EU, but actu- 
ally does little to achieve this homogeneity and finally the harmonisation of the 
national laws as it refers back to the procedure in the domestic company’s jurisdic- 
tion to achieve the result of the reorganisation or the winding-up proceedings. The 
preceding analysis and discussion has identified how this can be problematic and that 
the application in multiple jurisdictions further exacerbates the challenges in iden- 
tifying and applying the most beneficial procedure. The UK’s withdrawal from the 
EU further limits the options available to UK insurance companies, which is likely to 
result in further winding-up, as opposed to rescue in times of distress. Further 
harmonisation efforts should seek to lift procedural burdens and simplify procedures 
including countries legally treated as EEA ones. Increasing harmonisation and the 
inclusion of simplified procedures has the potential to rescue more multi- 
jurisdictional companies in distress and thus adequately protect policyholders, as 
well as maintain financial stability in the EU. 
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Abstract Mergers and acquisitions (M&A) involve transactional risks, no matter 
how extensive and accurate the due diligence process is. This raises the question as 
to how transacting parties can be protected. Representations and warranties and 
indemnification provisions as well as escrow requirements, typically included in the 
acquisition agreement, may often prove to be inefficient and inadequate to this end. 
When negotiating these terms, transacting parties clearly have contrasting interests, 
and there could also be cases, especially in public company transactions or distressed 
sales, where the buyer may have no effective remedies against the seller after the 
closing. 

To overcome problems associated with seller’s indemnities, transacting parties 
increasingly avail themselves of some innovative insurance products, generally 
known under the catch-all name of “transactional insurance,” that provide coverage 
for risks arising out of extraordinary corporate transactions, including risks related to 
breaches of representations and warranties, tax liabilities, pending or potential 
litigation and other contingent liabilities. 

This chapter explores the role that insurance can play in managing transactional 
risk, discussing whether it may represent an efficient alternative to more traditional, 
contractual solutions like indemnity and escrow requirements. The discussion sug- 
gests that transactional insurance can serve as an effective risk-transfer tool in M&A, 
which may act as a supplement or also a substitute for seller indemnity obligations. 
By spreading transactional risk, insurance can facilitate M&A transactions and 
enhance the overall social benefit, providing economic security at a fraction of the 
cost that it would take for transacting parties to protect themselves. No problems of 
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adverse selection or moral hazard peculiar to the M&A context seem to arise and a 
steadily increasing use of insurance in M&A can be expected. 


1 Introduction 


Mergers and acquisitions (M&A) involve transactional risks, no matter how exten- 
sive and accurate the due diligence process is. Information asymmetries are inherent 
in most M&A deals, and it is no surprise that post-M&A disputes arising from 
inaccuracies and misrepresentations in seller’s disclosures are common, and severity 
of claims is on the increase.' This raises the question as to how transactional risk can 
be effectively managed and allocated. 

Representations and warranties included in acquisition agreements typically 
address this issue, as they facilitate the transfer of information to the buyer, reducing 
information asymmetry.” In private transactions they are generally accompanied by 
indemnification provisions by which the seller or the selling shareholders undertake 
to indemnify the buyer if representations and warranties turn out to be inaccurate 
after the closing. Escrow arrangements may also be in place, providing that a portion 
of the sales price is placed in escrow and can be paid to the seller subject to certain 
conditions. 

When negotiating representations and warranties and indemnification and escrow 
requirements transacting parties clearly have contrasting interests, as while the buyer 
wishes to obtain the maximum degree of protection, the seller seeks to minimize its 
liability. There could also be cases, especially in public company transactions or 
distressed sales, where the buyer may have no effective remedies against the seller 
after the closing. 

To remedy issues related with seller’s indemnities, insurance companies created 
some innovative products, generally known under the catch-all name of “transac- 
tional insurance,” and providing coverage for risks arising out of extraordinary 
corporate transactions, including risks related to breaches of representations and 
warranties, tax liabilities, pending or potential litigation and other contingent 
liabilities. 

This chapter explores the role that insurance can play in managing transactional 
risk, considering whether it can serve as an efficient alternative to more traditional, 
contractual solutions like indemnity and escrow requirements. 

The chapter rests on both practical and theoretical grounds. From a practical point 
of view to consider the role of insurance in M&A is undoubtedly relevant, as global 


"AIG, M&A: A rising tide of large claims, 2020, available at: https://www.aig.com/content/dam/ 
aig/america-canada/us/documents/business/management-liability/aig-manda-2020-w-and-i.pdf; 
Norton Rose Fulbright, After the deal: recent cases and trends in M&A disputes, 2018, available at: 
https://www.nortonrosefulbright.com/en/knowledge/publications/09047a9c/after-the-deal-recent- 
cases-and-trends-in-ma-disputes. 

Gilson (1984), p. 267 ff. 
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demand for transactional insurance has grown substantially over the last decade and 
insurance is regarded ever more as a common risk management tool in M&A.’ From 
a theoretical and systematic perspective, the question arises as to whether, by 
allowing parties to transfer transactional risks in exchange for a premium, insurance 
has the potential to enhance the overall social benefit facilitating the conclusion of 
beneficial M&A transactions or, on the contrary, may bring about distortion to M&A 
contracting, as it transfers liability from the parties that have superior access to 
information to the insurer, potentially triggering moral hazard and adverse selection 
problems. 

In this context, the chapter proceeds as follows. After this Introduction, Sect. 2 
focuses on traditional contractual solutions to manage transactional risk and mitigate 
potential liabilities, highlighting their main drawbacks. Section 3 turns to transac- 
tional insurance, examining representation and warranty insurance, tax liability 
insurance, litigation buyout and contingent liability insurance. Section 4 considers 
whether insurance can qualify as an efficient risk-transfer tool in M&A, also 
considering potential issues of moral hazard and adverse selection. Section 5 
concludes. 


2 Contractual Solutions 


Representations and warranties are typically included in acquisition agreements to 
remedy information asymmetry and manage transactional risk. They are made by the 
buyer and the seller to each other to provide full disclosure of all information 
relevant to the transaction. Whereas the buyer’s representations and warranties are 
mainly intended to prove its ability to legally execute the deal, the representations 
and warranties made by the seller are aimed at providing an accurate and complete 
description of different aspects of the company being sold.* 

Representations and warranties generally concern a company’s organization and 
good standing, capitalization, subsidiaries, organizational authority to enter into the 
agreement, financial statements, absence of undisclosed liabilities, property titles, 
contracts, litigation, compliance with law and agreements, taxes, employee benefit 
plans, labor disputes, environmental matters, and insurance policies.” 

Transacting parties warrant in the acquisition agreement that their representations 
are complete and accurate. In particular, if the seller’s representations and warranties 
turn out to be inaccurate before the closing, the buyer may reject or renegotiate the 
contract (bring-down clause), while if a breach is discovered after the closing, in 


3AON, Representations and Warranties Insurance Claim Study, 2020, available at: https://www. 
aon.com/risk-services/amats/20 1 9rwclaims. 


4Gole and Morris (2007), p. 155; DePamphilis (2010a), p. 93. 
>See Carney (2011), p. 1123 ss.; W. Gole, J. Morris, J. Ibidem, 154 ss. 
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private transactions, the buyer is normally entitled to get indemnification from the 
seller.° 

Representations and warranties are among the most heavily negotiated provisions 
in the sale and purchase agreement. Unlike buyers, who want absolute representa- 
tions and warranties, sellers insist on limiting their potential liabilities by using 
knowledge and materiality qualifiers. A knowledge qualifier limits the seller’s 
statements to the best of its “knowledge,” with the buyer insisting on interpreting 
the term as knowledge after a reasonable investigation, while the seller as knowledge 
of a fact without any duty to investigate.’ Materiality clauses, on the other hand, limit 
the accuracy of representations and warranties by providing that the representations 
must be true and correct in all material respects. A fact is regarded to be material if a 
reasonable investor would consider it important in making a decision on an acqui- 
sition transaction. Besides, materiality may also refer to the effect of a breach of 
representations and warranties, excluding liability for inaccuracies that do not have a 
material adverse effect.* 

If a breach of the seller’s representations and warranties is discovered after the 
closing, as noted above, indemnification provisions would require the seller to pay 
damages. Indemnification provisions also permit to allocate specific risks pending on 
the acquired company, that have been disclosed in the representations and warranties 
and the consequences of which cannot be calculated before closing, such as pending 
litigation, unpaid tax obligations or violations of environmental or labor laws.” 
Indemnification provision are common in private transactions, while in transactions 
where a public company is being acquired, representations and warranties generally 
do not survive the closing and no indemnity may be available to the buyer for 
breaches discovered after the closing as, especially in listed corporations with 
dispersed shareholders, it would not be feasible to get indemnification from selling 
shareholders. In addition, a lower degree of information asymmetry is generally 
found in public deals than in private transactions, given the disclosure requirements 
imposed on public companies and the consequent amount of information that is 
publicly available.'° 

Normally the seller wants the indemnification periods to be short. The term may 
vary from one to three years after the closing except for some claims such as tax, 
environmental or property and title that may survive beyond.'! 

As for the indemnifiable damages, the buyer is likely to want unlimited coverage 
for the reasonable cost of satisfying the incurred liabilities in addition to the amount 


°See DePamphilis (2010a), p. 93. 
7See W. Carney, Ibidem, 238. 
SW. Carney, Ibidem, 238 ff. 


°See D.M. DePamphilis, Mergers and Acquisitions Basics, Ibidem, 94; W. Gole, J. Morris, 
Ibidem, 157. 


10Hill et al. (2016), p. 409; Griffith (2020), p. 1851. 


W, Carney, Ibidem, 237; D.M. DePamphilis, Mergers and Acquisitions Basics, Ibidem, 94 f.; 
W. Gole, J. Morris, Ibidem, 157. 
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necessary to put the buyer in the position it would have been in without the breach of 
the representations and warranties. This may result in a request for damages in 
excess of the purchase price. Sellers, on the contrary, want to set a ceiling on the 
indemnity obligations and, at the most, agree to indemnify up to the purchase 
price.'* Generally, indemnification limits are well under the purchase price. "°? 

Moreover, the seller may insist on including a deductible or a “basket” to restrain 
claims for minimum damages. In the first case, when a loss suffered by the buyer 
exceeds the stipulated deductible amount, the seller is liable only for the amount of 
the loss above the deductible. If a “basket” is used, the buyer agrees not to assert 
indemnification claims until the aggregate amount of losses exceeds a specified 
basket amount. When the buyer’s losses exceed the basket amount, the seller is 
liable for the total amount of the losses. '* 

It should be noted, however, that there may be virtually no remedy for a breach of 
representations and warranties where no identifiable seller remains after the closing. 
This, for example, may be typical of asset purchases from companies that go into 
liquidation after the transaction, and more generally in distressed sales. Where the 
seller is privately held, the buyer may demand that (large) selling shareholders 
participate in the representations and warranties and that indemnification rights are 
conferred against them.'° If the shareholders consent, they will usually want the 
guarantee to survive for as short a time period as possible. This solution instead is 
impracticable where the seller is a publicly held corporation with dispersed 
shareholders. 

To protect himself from potential liabilities associated with the transaction, the 
buyer may also seek to defer the payment of part of the purchase price and put the 
unpaid portion in a holdback or escrow account. Transacting parties, nevertheless, 
need to agree on the amount to place in escrow, the length of time the proceeds are 
escrowed, the conditions of the escrow. Further, the seller is not likely to accept 
escrow arrangements without an increase in the purchase price.'° 


12W, Carney, Ibidem, 242 ff.; W. Gole, J. Morris, Ibidem, 157 f. 


13 American Bar Association, M&A Market Trends Subcommittee of the Mergers & Acquisitions 
Committee, (2009) “2009 Private Target Mergers & Acquisitions Deal Point Study,” 100, (showing 
that just 9% of the deals considered have indemnification limits between 50 and 100% of the 
purchase price); American Bar Association, M&A Market Trends Subcommittee of the Mergers 
and Acquisitions Committee (2008) “2008 Continental Europe Private Target Mergers & Acqui- 
sitions Deal Points Study,” 37, (highlighting that deals with indemnification limits set between 
50 and 100% of the purchase price account for the 22% of the sample); W. Carney, Ibidem, 245 f. 
(making reference also to other surveys). 

4D M. DePamphilis, Mergers and Acquisitions Basics, Ibidem, 95; W. Gole, J. Morris, Ibidem, 
157. See also W. Carney, Ibidem, 245 f. (distinguishing between a basket and a threshold. With a 
basket, the seller bears the losses in excess of the basket, while in the case of a threshold, when a loss 
exceeds the threshold amount, the seller is liable for both the threshold amount and any excess). 
!5See W. Carney, Ibidem, 236 ff. 


16 Paar (2002), p. 2. See also D.M. DePamphilis, Mergers, Acquisitions, and Other Restructuring 
Activities, Ibidem, 88 f., 424 ff. (where also reference to other mechanisms for managing risk, such 
as post-closing price adjustments). 
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When negotiating representations and warranties and indemnification provisions 
transacting parties have contrasting interests and need to reach agreement on several 
key points, including the scope of representations and warranties, the survival 
period, the definition of indemnifiable damage, indemnification limits, the portion 
of price to put in escrow. The possibility of deal breaker issues is strong. When 
disagreement does not result in the failure of the transaction, the compromise agreed 
to by the parties might be substantially different from their initial expectations. 
Should a breach of the seller’s representations and warranties be discovered after 
the closing, the risk that the buyer is left with no effective remedies exists.” 

In this context, to overcome the drawbacks associated with representations and 
warranties and indemnification provisions, and facilitate the conclusion of the deal, 
parties increasingly avail themselves of transactional insurance. 

Introduced in the United Kingdom and the United States in the 1990s, transac- 
tional insurance was not widely used at first mainly due to its novelty and lack of 
confidence by parties, high premiums and limited availability of coverage. With 
time, however, the market for transactional insurance has evolved: available cover- 
age is now broader, terms are more favorable, and rates are lower as there is more 
competition among insurers,'® while risk aversion of transacting parties has risen. "° 
Coverage has also become more widely known: global demand for transactional 
insurance nowadays is ever more on the rise, especially in the U.S. and U. K. 
markets,”° but also in continental Europe where the use of this type of insurance is 
on the increase.”! 


'7On the risk that representations and warranties and indemnification provisions might not ade- 
quately protect the buyer, see D.M. DePamphilis, Mergers, Acquisitions, and Other Restructuring 
Activities, Ibidem, 182; T.E. Lenson (2006), Lies, Damn Lies, and Fraud Claims in M&A Trans- 
actions, available at https://www.deallawyers.com/nonmember/podcast/lenson_item2.pdf. 

18 AON, Representations and Warranties Insurance Claim Study, 2020, 3, available at: https:// 
www.aon.com/risk-services/amats/2019rwclaims. 

19M.P. Lusk (2012) “Transactional Insurance: A deal Tool Whose Time Has Come,” | f., available 
at: https://www.mondaq.com/unitedstates/Insurance/198526/Transactional-Insurance-A-Deal- 
Tool-Whose-Time-Has-Come; C. Sternberg (2012) “Transactional Risk Insurance: Deal-Enabling 
Risk Transfer Solutions,” 1 f., available at: http://www.lockton.com/Resource_/PageResource/ 
MKT/Transactional%20Risk_for%20web%20posting.pdf. 

20 AON , Representations and Warranties Insurance Claim Study, Ibidem, 3. 

21 See Monti (2010), p. 361; De Lousanoff O. (2003) “Warranty and Indemnity Insurance in M&A 
Transactions,” International Law Office, available at: https://www.internationallawoffice.com/ 
Newsletters/Corporate-FinanceMA/Germany/Hengeler-Mueller-/Warranty-and-Indemnity-Insur 
ance-in-MA-Transactions, (noting that insurance for M&A is offered by a growing number of 
insurance companies and brokers in Germany). 
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In particular, insurance products for M&A transactions include: representation 
and warranty insurance,” tax liability insurance, litigation buyout and contingent 
liability insurance. 


3.1 Representations and Warranties Insurance 


Representations and warranties insurance is the most widely used type of transac- 
tional insurance.”* It became available towards the end of the 1980s in the United 
Kingdom and about a decade later in the United States. This type of insurance 
provides coverage against financial losses resulting from breaches of representations 
and warranties. It can serve as either a surety or indemnity of the seller’s indemnity 
obligations.” In the first case, the sale and purchase agreement includes indemnifi- 
cation provisions and the insurance policy serves the purpose of replacing 
completely or in part an escrow. In the latter case, insurance either can be entirely 
substituted for the seller’s indemnity obligation or may be used as an additional layer 
of coverage over a lower amount of indemnification liability assumed by the seller. 

Insurance is tailor-made to the needs of the individual transactions. Underwriting 
can be quite complex, and it is advisable that insurance companies and brokers are 
involved from the initial stage of the deal structuring process. Insurance companies 
and brokers, however, have gained adequate experience over time and are able to 
provide coverage within a limited period, meeting the deal timetable.” The applicant 
is expected to cooperate closely with the insurer and provide relevant information. 
The acquisition agreement is submitted to the insurer along with other relevant 
documents to promote underwriting review.” Once the insurer has reviewed all 
the materials, it issues a non-binding indication letter, presenting the general terms of 
the proposed coverage. If the applicant decides to execute the non-binding indication 
letter, then the insurer conducts a thorough review of the transaction with the 
possible assistance of outside counsel, basically re-examining the due diligence 


?2 Representations and warranties insurance is commonly referred to in the Europe as warranties and 
indemnity insurance (W&I). 

23 Gerber et al. (2012), § 32.01, Matthew Bender & Company, Inc., available at: http://www. 
lexisnexis.com, [hereinafter New Appleman, Mergers and Acquisitions Insurance], § 32.02 [1][a]. 


?4 See New Appleman, Mergers and Acquisitions Insurance, § 32.02 [2][al. 


?5 See C.C Zgutowicz, M.P. Lusk, Ibidem, 4 (noting that binding terms may be delivered within 1 to 
2 weeks). 


©The insured may not amend, supplement, or rescind the acquisition agreement, nor waive any 
rights thereunder, without the prior consent of the insurer if the modification or waiver would 
reasonably have an adverse effect on the insurer. See New Appleman, Mergers and Acquisitions 
Insurance, § 32.02 [5][c]. Among the other documents generally requested for underwriting review 
are: financial statements of the target company, a copy of the executed letter of intent, data room 
index or other due diligence document index, buyer’s due diligence request list, buyer’s due 
diligence memoranda, third party reports and opinions, working group list and other relevant 
materials. 
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process performed by the parties and makes a final decision as to whether to insure 
the risk and at what conditions.’ 

The insured under a representations and warranties insurance policy can be the 
buyer (buyer-side policy) or the seller (seller-side policy). A party to the transaction 
may also purchase coverage for the other party and vice versa. 

A buyer-side policy provides indemnity to the buyer for losses resulting from a 
breach of the seller’s representations and warranties. It allows the buyer to recover 
losses directly from the insurer without having to pursue remedies against the seller. 

A variety of reasons may lead buyers to purchase representations and warranties 
insurance. A buyer-side policy can be useful, for example, when the acquirer cannot 
successfully negotiate the desired level of indemnification from the seller or when it 
is concerned with its ability to recover damages because the seller may have financial 
difficulties or because recourse against the seller would be otherwise ineffective and 
expensive. Insurance can also be used strategically by a buyer to gain a competitive 
advantage over other bidders and avoid entering into endless negotiation with the 
seller over indemnification requirements. This way a buyer can accept a lower 
indemnification ceiling and may not need to insist on a holdback or escrow account, 
thus increasing the competitiveness of its offer.” A buyer may also consider that 
insurance coverage is less expensive than the growth of the purchase price demanded 
by the seller to afford the same level of indemnification. In addition, in public 
company transactions, where no indemnity is available to the buyer for breaches 
discovered after the closing, insurance can be a substitute for seller’s indemnity. 

A seller-side policy indemnifies the seller for, or pays on behalf of the seller, any 
loss resulting from claims made by the buyer for inaccuracies in the seller’s 
representations and warranties. Seller-side policies may be used when sellers, 
especially private equity firms, want to reduce their potential liability post-closing 
to the smallest amount possible, exiting the business and distributing sale proceeds 
to their investors or immediately reinvesting the proceeds. A seller-side policy also 
permits the seller to provide potentially interested buyers with higher indemnifica- 
tion limits, thereby making the deal more attractive and reducing the need for a 
holdback or escrow. 

No substantial differences typically exist in the structure and wording of repre- 
sentation and warranty insurance policies between the U.S. and the U.K. (and more 
generally European) market. The scope of coverage is determined in connection with 
the representations and warranties made by the seller in the sale and purchase 
agreement. The insurer normally selects the representations and warranties to insure 


?7New Appleman, Mergers and Acquisitions Insurance, § 32.02 [4]. 

28 New Appleman, Mergers and Acquisitions Insurance, § 32.02 [2][a]. See also Marsh (2012) 
“Contribution of Insurance in Facilitating Mergers and Acquisitions,” 10, available at: https://www. 
airmic.com/sites/default/files/legacy_files/Contribution%200f%20Insurance%20in%20Facilitating 
%20Mergers%20and.pdf (noting that sellers are increasingly suggesting buyer-side policies to 
bidders in an auction process). 

?°See New Appleman, Mergers and Acquisitions Insurance, § 32.02 [2][c]. See also Marsh 
“Contribution of Insurance in Facilitating Mergers and Acquisitions,” Ibidem, 16. 
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and may also intervene on the wording of the representations and warranties, 
restricting or clarifying their scope for coverage purposes only. A policy may also 
be issued on a “blanket” basis, thereby covering all the seller’s representations and 
warranties except for those excluded.*” 

Indemnification requests unrelated to representations and warranties are generally 
not covered. Some insurers, however, have also started offering a more innovative 
type of coverage—so-called synthetic representations and warranties insurance— 
that allows the buyer to agree to a set of representations and warranties directly with 
the insurer, removing the need for the seller to give representations and warranties in 
the sale and purchase agreement. This type of coverage can be advantageous for both 
transacting parties, as the seller would exit the transaction without the risk of facing 
liability for breaches of representations and warranties, while the buyer, in an auction 
scenario with multiple bidders, can make its acquisition offer more competitive. 

Representation and warranty insurance policies typically contain a prior knowl- 
edge exclusion that excludes coverage where the insured had knowledge of circum- 
stances leading to the breach at the time the policy incepted. The policy defines the 
persons who may have actual knowledge of a breach as those who supervised or 
conducted any due diligence in connection with the acquisition agreement, and/or 
those who supervised, prepared, or negotiated the acquisition agreement (“deal team 
members”). The names of the deal team members are generally listed in an appendix 
attached to the policy.*! 

Further, seller-side policies generally exclude coverage for breaches resulting 
from the seller’s fraud. This exclusion may be subject to a final adjudication of fraud 
before becoming applicable, otherwise a mere allegation of fraud can be an argument 
for the insurer to deny coverage. A severability clause may be inserted, ensuring 
coverage for innocent co-insureds. Buyer-side policies, instead, do not contain a 
fraud exclusion and, therefore, are considered to provide broader coverage,’ and 
they represent almost the totality of the policies issued.’ Other exclusions specific to 
representation and warranty insurance may concern unfulfilled projections and 


3°New Appleman, Mergers and Acquisitions Insurance, § 32.02 [3][a]. 


3! Representation and warranty insurance provides coverage for breaches of representations and 
warranties made by a definite set of persons (i.e., the deal team members) that may include not only 
directors and officers but also shareholders and various outside advisors. It follows that the scope of 
this type of insurance is different than that of Directors and Officers (D&O) insurance which, on the 
contrary, provides liability coverage for the company’s directors and officers against claims that 
may arise from the decisions taken within the scope of their managerial duties. In addition, it should 
be noted that D&O insurance policies may include contractual liability exclusions, while coverage 
for claims against the company itself is typically limited to securities claims. On the differences 
between D&O insurance and Representations and Warranties Insurance, see New Appleman, 
Mergers and Acquisitions Insurance, § 32.02 [1][c]. 


2New Appleman, Mergers and Acquisitions Insurance, § 32.02 [5][b] (emphasizing that buyer- 
side policies may entail higher premium as a result). 

33Marsh, Transactional Risk Insurance Report, 2019, available at https://www.marsh.com/us/ 
insights/research/transactional-risk-insurance-outpaced-global-deal-activity.html. 
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forward-looking statements and losses due to price adjustments based on the seller’s 
net worth determined after a post-closing audit.** 

Insurance coverage usually begins with the closing of the transaction and is 
provided for at least the survival period set in the acquisition agreement. It is quite 
frequent, however, that the policy period lasts beyond the survival period indicated 
in the acquisition agreement, to the advantage of the parties involved in the trans- 
action. In general, policy periods may vary between 18 months and four years. A 
different expiry date may also be set with respect to some of the seller’s represen- 
tations and warranties.” 

Depending on the need for coverage that parties to the transaction may have, 
policy limits can be set up to $50 million, although larger programs may be 
structured on a case-by-case basis. Broader coverage may be achieved through tiered 
insurance programs that combine primary insurance with excess insurance, thereby 
increasing coverage limits even up to $200 million per transaction.*° 

Both buyer-side and seller-side policies contain some form of risk retention. 
Typically, deductibles between 1% and 3% of the transaction value are included, 
depending, for example, on the type of business being acquired, the due diligence 
performed, the nature and scope of the representations and warranties. The insurance 
premium generally ranges between 2% and 8% of the amount of insurance pur- 
chased, depending on the nature of representations and warranties, the policy period 
and the retention applied.*” 


3.2 Tax Liability Insurance 


Tax liability insurance is another solution aimed at facilitating M&A deals. Tax 
considerations are clearly important in M&A transactions and often parties are not 
able to obtain in time an advance tax ruling clarifying the treatment that will be 
applied to a proposed transaction. Uncertainty regarding tax results may even 
obstruct the completion of a proposed deal. 


*4Losses resulting from pollution, bodily injury and property damage, consequential, multiplied, 
punitive or exemplary damages and criminal fines or penalties are generally not covered either since 
they may be covered under other liability policies. New Appleman, Mergers and Acquisitions 
Insurance, § 32.02 [5][b]. 

35New Appleman, Mergers and Acquisitions Insurance, § 32.02 [3][b] (highlighting that where the 
acquisition agreement establishes different survival periods for some of the seller’s representation 
and warranties, the insurance policy may have different periods of coverage as well). 
3°Representation and warranty policies are deemed best suited to transactions where the value is 
$25 million to $1 billion. See New Appleman, Mergers and Acquisitions Insurance, § 32.02 [3][c]. 
37New Appleman, Mergers and Acquisitions Insurance, § 32.02 [4]; M.E. Betzen, M.T. Goglia 
(2005) “Insuring for Accuracy,” 1, available at: https://www.jonesday.com/files/Publication/ 
bff201d2-36a4-4c94-ad92-3a6a979c7229/Presentation/PublicationAttachment/ala30e34-58f8- 
406e-a822-2eae225c46d1/BetzenGoglia050905.pdf. 
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Tax liability insurance allows parties to reduce or eliminate potential tax expo- 
sures resulting from the tax treatment of a transaction. It covers unexpected tax 
liabilities resulting from an unfavorable tax authority’s ruling. Most policies also 
cover the costs of contesting the tax authority’s ruling, including the expenses of 
outside counsels and accountants, as well as interest, non-criminal fines, and penal- 
ties,** provided that fines and penalties are insurable under the applicable law.*” 

Policies are generally written on a manuscript basis to meet the specific needs of 
the individual transactions. To promote underwriting review, the prospective insured 
is generally required to provide the insurer with a tax opinion prepared by the 
taxpayer’s counsel, along with supporting documents and possible correspondence 
with the tax authorities.“° After evaluating the tax risk, the insurer usually sends a 
non-binding indication letter, stating the general terms and conditions of the pro- 
posed coverage. Once the applicant decides to execute the indication letter, the 
insurer conducts a thorough review of the transaction, with the assistance of outside 
counsels and advisors, and a final coverage decision is made. 

The coverage period usually is aligned with the applicable statute of limitations. 
Generally, up to $20 million in coverage is available for any transactions, although 
larger limits can also be available. Retentions and premiums are determined on a 
case-by-case basis, also considering the nature of the transaction, the probability of 
adverse tax results, the probable cost of defense.*! 

Tax liability insurance typically excludes coverage for purely tax motivated 
transactions, lacking a legitimate independent business purpose. Transactions qual- 
ified as tax shelter are not likely to be covered either. Further, coverage is generally 
not available for losses resulting from changes in the law and for transactions that are 


38R, Paar, Ibidem, p. 2; New Appleman, Mergers and Acquisitions Insurance, § 32.03 [2]. 


Restrictions on the insurability of fines and penalties are generally in place in Europe. See, e.g., 
Article 12 of the Italian Private Insurance Code providing that losses arising from administrative 
fines and penalties cannot be insured, otherwise the insurance contract is void. For an overview of 
the law on the insurability of fines and penalties in some European and non-European countries, see 
Banks, Richard (2007) “International Comparative Review of Liability Insurance Law,” Insurance 
Day, available at: https://www.bld.de/fileadmin/bld/txt_pdf/ID_Int_l_Legal_guide_120607.pdf. 
See also Denslow A., Baks B., Daidone M. (2018) “10 Things Every Insurer Should Know,” 
available at: https://cms.law/en/int/publication/ten-things-every-insurer-should-know. 


40Tn some cases, insurance may also be issued without a supporting tax opinion, depending on the 
type of tax issue, the taxpayer’s particular factual representations and the legal analysis provided. 
See AIG “Tax Liability Insurance,” available at: https://www.aig.com/business/insurance/mergers- 
and-acquisitions/tax-liability-insurance. 


4l The overall structure of the insurance coverage clearly matters in determining the premium, since 
consideration should be given, for example, to retention, coinsurance arrangements or possible 
partial refunds of a significant premium when no losses occur during the policy period. See also 
New Appleman, Mergers and Acquisitions Insurance, § 32.03 [10]. See also AIG “Tax Liability 
Insurance,” 1, available at: http://www.aig.co.uk/chartis/internet/uk/eni/Tax %20Liability %20Insur 
ance%20-%20Information %20Sheet%20A1160739%201212_tem2538-372590.pdf (stating that 
premiums so far charged range between 3% and 12% of the limit of liability purchased). 
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already under audit or are being contested by the tax authorities. A fraud exclusion is 
also included.** 

Tax liability insurance is ever more common in M&A transactions." Private 
letter rulings from tax authorities, in fact, are normally time-consuming, while 
relying merely on the professional liability or error and omissions insurance cover- 
age owned by tax advisors may turn out to be unsatisfactory.“* Tax liability 
insurance may then allow parties to manage tax uncertainty in M&A transactions, 
also considering that there could be cases where indemnity obligations of the seller 
might be unfeasible or otherwise ineffective. 


3.3 Litigation Buyout Insurance and Contingent Liability 
Insurance 


Litigation buyout insurance enables transacting parties to manage risks resulting 
from any anticipated or ongoing litigation, arbitration or other claim involving 
liabilities either uninsured or underinsured.*° Litigation buyout insurance can 
prove particularly useful, as pending or threatened litigation may hinder the closing 
of a transaction where, for example, financial sponsors withdraw or the settlement of 
the claim cannot be negotiated in time for the deal. Insurance allows parties to 
exactly quantify future exposures by transforming contingent third-party claims into 
a fixed insurance cost. 

The policies are tailor-made to fulfill specific needs of individual transactions 
and can provide coverage for a wide range of matters, such as securities litigation, 
contractual disputes, products liability, intellectual property disputes, successor 
liability and employment practices liability.4” Risks may relate to the litigation 
outcome or the amount of damages awarded. Insurance may cover either a particular 


46 


“New Appleman, Mergers and Acquisitions Insurance, § 32.03 [5][a] (noting that the accuracy of 
taxpayers’ factual representation and the proper filing and compilation of tax returns are not 
generally covered). 

43 See Kahn (2009), p. 7 (where also reference to other mechanisms for shifting tax risk). 

44In the event of a payment by the insurer under a tax liability insurance policy, the insurer is 
typically subrogated to all of the insured’s rights of recovery against tax advisors and other persons 
or entities relating to such a payment. See New Appleman, Mergers and Acquisitions Insurance, § 
32.03 [12]. 

45New Appleman, Mergers and Acquisitions Insurance, § 32.04 [1]. 

“©The underwriting process is similar to that employed in connection with representation and 
warranty insurance and tax liability insurance and it is based on an initial review leading to a 
non-binding indication letter. A final coverage decision is made after the insurer conducts a 
thorough examination of the transaction, with the assistance of outside counsels and advisors. A 
non-refundable underwriting fee is normally charged. See New Appleman, Mergers and Acquisi- 
tions Insurance, § 32.04 [8]. 

47New Appleman, Mergers and Acquisitions Insurance, § 32.04 [9]. Issues may arise as to the need 
for confidentiality that the applicant has in connection with the underwriting review. To protect the 
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known lawsuit or a portfolio of lawsuits or claims. Considering the uniqueness of the 
insured risk, premiums, policy limits, and the amount of retentions are set on a case- 
by-case basis, considering the severity of the underlying risk and the policy 
structure.** 

Litigation buyout insurance can be issued in three different versions: buyout, cap, 
and appeal hedge. The buyout provides coverage for all losses resulting from a 
specific dispute, including defense costs, while under the cap version the insurer 
assumes liability in excess of a certain amount that is retained by the insured and 
possibly covered through existing primary insurance. Appeal hedges, instead, permit 
the insured to secure the benefits from a favorable judgment against possible reversal 
on appeal.*” 

The degree of defense control exercised by the insurer differs among the three 
types of insurance. In particular, in a buyout, the insurer normally assumes the entire 
risk in exchange for the complete control of the litigation. The insured, nevertheless, 
is required to cooperate and participate in the litigation. In a cap or hedge, on the 
contrary, the insured may maintain control of the defense, considering that it shares 
the same interest with the insurer.°° 

In addition to fraud, insurance policies typically exclude coverage against claims 
for personal profit, including claims based on insider trading or for usurpation of 
corporate opportunities. Further, losses due to claims filed by governmental and 
quasi-governmental entities are not indemnified either.°! 

Finally, it is worth noting that contingent liability insurance is also available, 
providing tailor-made insurance coverage for risks specific to single transactions, 
ranging from potential successor liability and losses deriving from defects or failure 
of property titles, to government and regulatory approvals, contractual disputes, 
environmental liability, employment matters and intellectual property infringements. 
Premiums and other policy conditions are determined on a case-by-case basis 
according to the nature of the specific liability to be insured and the overall structure 
of the insurance policy. 


privileged information transmitted by the applicant, the insurer is required to sign a confidentiality 
agreement. 

48 Insurance policies may include return premium or additional premium provisions. See New 
Appleman, Mergers and Acquisitions Insurance, § 32.04 [3] (explaining that return premium 
provisions provide for the return of part of the premium to the insured if the policy is canceled or 
certain claims do not occur, while additional premium provisions require the insured to pay some 
extra amount in premium because of losses paid or incurred under the policy). 

4New Appleman, Mergers and Acquisitions Insurance, § 32.04 [3]. 

>°Tn a cap or hedge policy, however, the insurer and the insured may also agree that control is given 
to one of them, subject to the consent of the other on major issues. See New Appleman, Mergers and 
Acquisitions Insurance, § 32.04 [7]. 


5I New Appleman, Mergers and Acquisitions Insurance, § 32.04 [5][c]. 
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4 Transactional Insurance in M&A Contracting 


As discussed above, transactional insurance allows parties to overcome problems 
associated with seller’s indemnities and reduce exposure to transactional risk. In 
principle, insurance can prove to be particularly useful in no indemnity deals 
involving public company targets or distressed sellers, where it can act as a substitute 
for seller’s indemnity obligations, but it can also be used as a supplement to seller’s 
indemnity, when the buyer cannot negotiate the desired level of indemnification or 
when it is concerned about its ability to recover from the seller after the closing. In an 
auction with multiple bidders, insurance may also give buyers a strategical advan- 
tage over other competitors. Moreover, it permits to reduce or eliminate the need for 
escrow arrangements, and this seems especially important after the COVID-19 
pandemic outbreak, as companies have been experiencing a deepening liquidity 
crisis and avoiding escrow requirements can provide enhanced liquidity to sellers. 

It has been argued, however, that insurance may introduce potential distortions to 
the M&A contracting process, since the transfer of risk from the seller (i.e., the party 
that has superior access to information) to the insurer can create a credible commit- 
ment problem, as the seller may exercise a lower degree of care in providing relevant 
information to the buyer and this can undermine efficiency in M&A contracting. The 
fact that transactional insurance may bring about adverse selection and moral hazard 
issues in M&A contracting has also been emphasized.°* 

The credible commitment problem is clearly more relevant to private transactions 
than public company transactions, since, as discussed above, when the target is a 
public company due diligence is mainly based on information that is publicly 
available and the buyer normally cannot rely on indemnity provisions to protect 
itself against inaccuracies in the representations and warranties, so that the concern 
for possible lower care exercised by the seller loses relevance in public company 
transactions. Even in private transactions, the transfer of transactional risk to the 
insurer seems not to exacerbate the credible commitment problem, which is ulti- 
mately counterbalanced by the buyer’s interest to conduct a thorough due diligence 
to gather information about the target and decide whether to enter into the transac- 
tion, negotiate certain terms or adjust the consideration to offer. 

Also, adverse selection and moral hazard, which are typical issues in insurance, 
seem not to pose peculiar problems in M&A. Adverse selection implies that a risk 
pool will progressively consist of high-risk individuals, that value insurance more 
than low-risk individuals and have an information advantage over the insurer, 
thereby preventing the formation of an insurance pool. It should be noted, however, 
that adverse selection normally does not create significant problems to properly 
designated insurance arrangements.”> Due diligence and representations and 


S.J. Griffith, Deal Insurance: Representation & Warranty Insurance in M&A Contracting, 
Ibidem, 1839 ff. 

53T, Baker, Insurance against misinformation in the securities market, 2006, 16, available at: 
https://papers.ssrn.com/sol3/papers.cfm?abstract_id= 1010106. 
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warranties restrain information asymmetries in M&A and allow insurers to set rates 
that discriminate based on risk. Moreover, it is fair to assume that adverse selection 
in transactional insurance would operate not profoundly different than in other 
sectors, such as D&O insurance, where information asymmetries exist but do not 
prevent the formation of an insurance pool.’ 

As regards moral hazard, which basically implies that insurance reduces the 
insured’s incentives to avoid a loss, it should be noted that transactional insurance 
policies seem well designed to address moral hazard concerns. Policy limits, deduct- 
ibles and exclusions as well as, in buyer’s policies, subrogation rights of the insurer 
in case of fraud by the seller align the insurer’s and insured’s interests, reducing 
parties’ incentives to exercise a lower degree of care. 

Transactional insurance thus appears as an effective risk-transfer tool that can 
facilitate the conclusion of M&A deals. It allows parties to transform potential future 
liabilities into a quantified insurance premium that can be allocated as part of the 
purchase price, providing certainty and strategic advantages. A steadily increasing 
use of insurance in M&A deals can be expected. 


5 Conclusion 


No matter how extensive the due diligence, losses related to transactional risks in 
mergers and acquisitions occur. Traditional mechanisms used to allocate risk 
between transacting parties may turn out to be inefficient and inadequate. Represen- 
tations and warranties and indemnification provisions are among the most heavily 
negotiated provisions in the sale and purchase agreement. The parties have 
contrasting interests during the negotiation of these terms and the possibility of 
deal breaker issues is strong. When disagreement does not result in the failure of the 
transaction, the compromise agreed by the parties may be inefficient and unsatisfac- 
tory for either or both of them. In some cases, depending also on the form of 
acquisition, there is a fair chance that the buyer will have insufficient remedies 
against the seller after the closing. 

Transactional insurance provides effective solutions to manage transactional risk, 
whether related to indemnity obligations, tax uncertainty, pending or threatened 
litigation or other contingent liabilities. Insurance is tailor-made to meet the needs of 
transacting parties and may be used as a supplement or also a substitute for seller 
indemnity obligations. By spreading transactional risk, insurance can promote 
beneficial transactions that might not otherwise occur and enhance the overall social 
benefit, providing economic security at a fraction of the cost that it would take for 
transacting parties to protect themselves. 


54 See generally T. Baker, Ibidem, 17. 
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Abstract Recent developments in FinTech and RegTech marked the EU’s pivot 
towards a digitally driven Capital Markets Union and a concomitant algorithmic turn 
in EU financial supervision under the leadership of the three European Supervisory 
Authorities (ESMA, EBA, EIOPA). Starting from the premise that the EIOPA’s 
relevant initiatives are driven from the Authority’s normative and institutional 
environment as well as the perceived technological affordances of RegTech, this 
chapter provides a ‘reality check’ of the algorithmic future of EU financial supervi- 
sion in the field of insurance as an aspect of EU financial markets’ governance. On 
the one hand, it finds that an important blind-spot in the EIOPA’s agenda is the 
absence of a concrete plan for a system of digital reporting. On the other hand, it 
examines what it takes to set up a system of digital reporting. To that end, it focuses 
on three interrelated issues: The technology that will be required to provide the 
infrastructure of digital reporting and its limitations, difficulties with the conversion 
of regulatory content into code, and issues of reporting architecture and governance. 
The ultimate objective of this chapter is to inform the agenda of the digital transfor- 
mation of EU financial market oversight in anticipation of future challenges while 
relevant policy and legal debates are still on-going. 
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1 Introduction 


This article seeks to contribute to the relevant policy and legal discourse about the 
digital transformation of financial market governance in the EU focusing on issues of 
transnational insurance supervision. It explores the minimum steps required to 
integrate data sharing, data analytics and automated monitoring in EIOPA’s super- 
vision, and the opportunities and challenges that EIOPA is likely to encounter. At a 
more theoretical level, this article illustrates the explanatory power of current 
theoretical scholarship on algorithmic regulation in the field of EU insurance regu- 
lation. Developments in this specific field of EU law deserve special attention. Quite 
apart from the significance of a robust insurance market for EU economic growth 
and prosperity, as this chapter is going to show, the digitalisation of transnational 
insurance oversight in the EU exhibits a range of challenges that are not present 
when similar initiatives are confined within the jurisdictional boundaries of a specific 
sovereign State. 

The main thesis of this chapter is that a system of digital reporting is an essential 
precondition for the implementation of insurance supervisory technology (SupTech) 
in the EU, but setting it up may prove to be an incredibly challenging project in 
reality. To substantiate this thesis, Sect. 2 provides a brief overview of EIOPA, its 
operating environment and how principles of EU administrative law shape its 
SupTech mission and mandate. Section 3 portrays the Authority’s role in the digital 
transformation of insurance supervision in the EU and the evolution of its strategy to 
point to an important blind-spot: the absence of a comprehensive plan of action for 
the development of a digital system of regulatory reporting in the field of EU 
insurance supervision. Section 4 proceeds to discuss a series of themes in relation 
to the setting up and running of a system of digital reporting in anticipation of future 
challenges, and to briefly outline potential responses to those problems. These relate 
to the limitations of the technology that will be required for digital reporting given its 
current and foreseeable degree of sophistication, a series of difficulties with the 
conversion of regulatory content into code and, lastly, issues of reporting architec- 
ture and governance. The chapter concludes with a summary of its main findings. 

Our methodology is partly theoretical, partly comparative, and partly diagnostic. 
On the one hand, it borrows insights from a burgeoning body of interdisciplinary 
literature in the field of algorithmic regulation to articulate the main tenets of EU 
supervisory technology in the field of insurance. On the other hand, it compares EU 
developments with experience in the UK and other jurisdictions to contextualise the 
discussion and explore potential solutions. For this article, the term algorithmic 
financial supervision will be understood in its broader possible sense as a decision- 
making system that undertakes regulatory activities by continuously generating 
knowledge through computation of real-time data collected from the regulated 
environment, in order to optimise regulatory processes.' EU public discourse on 
digital transformation of the governance of the EU Single Market draws a distinction 


"Yeung and Lodge (2019), p. 5. 
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between Fintech and RegTech, and perceives SupTech as an aspect of RegTech. For 
this chapter, we adopt the same conceptual distinctions.” 


2 EIOPA, Its Operating Environment and How EU 
Principles of Administrative Law Shape Its SupTech 
Mission 


EIOPA executes its digital supervision strategy within the legal and institutional 
framework of the European System of Financial Supervision (ESFS), whose objec- 
tive is to promote market integration through legal convergence, and also consumer 
protection and financial stability.’ The ESFS shapes and constrains the feasibility of 
an EU-wide system of digital reporting significantly because it is structured along 
EU principles of administrative law which act as constitutional and administrative 
boundaries to the respective mandates of the European Supervisory Authorities 
(ESAs) including of course that of EIOPA.* For present purposes the following 
four are of particular relevance: the conferred powers principle, the subsidiarity 
principle, the proportionality principle, and the Meroni doctrine. 


2.1 The Conferred Powers Principle 


The principle of conferred powers provides that the EU’s competencies are limited to 
those conferred on it under EU treaties. The principle has three dimensions: (i) the 
EU’s competence to establish an agency; (ii) whether the agency’s powers form part 
of the EU’s competencies; and (iii) whether the agency has been granted those 
powers under its founding EU legislation.° For present purposes, the discussion is 
limited to the last question: whether, under its founding legislation, EIOPA has the 
competencies to establish EU-level digital reporting. This necessitates an analysis of 
its objectives, tasks and powers. 

EIOPA is an operationally independent Union agency with responsibility over the 
supervision of the insurance and occupational pensions sector in Europe. In pursuit 
of its mission, EIOPA undertakes a series of initiatives to promote supervisory 
convergence, strengthen consumer protection and preserve financial stability. 


?For a different conception, see Buckley et al. (2020). See also EIOPA’s SupTech definition in 
EIOPA (2020a): ‘the use of technology by supervisors, to deliver innovative and efficient super- 
visory solutions that will support a more effective, flexible, and responsive supervisory system’. 


3European Commission (2014), p. 2. 

“See Chiti and Vesperini (2018), pp. 230-235. 

> Article 5 of the Treaty of the European Union (TEU). 
ĉSee Chamon (2016), p. 136. 
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Specifically, the objectives of EIOPA include preventing regulatory arbitrage and 
promoting competition, regulatory harmonisation and supervisory convergence 
among national regulators.’ It also includes strengthening international supervisory 
coordination, regulating and supervising risk-taking by regulated entities, enhancing 
customer and consumer protection, and enhancing supervisory convergence across 
the internal market.* These objectives ultimately feed into the objective of ensuring 
the integrity, transparency, efficiency and orderly functioning of the internal 
market.” 

EIOPA’s supervisory tasks include the development of draft regulatory and 
implementing technical standards, guidelines, recommendations, opinions, and 
other related measures.'° In addition, EIOPA is tasked with contributing to the 
consistent application of legally binding Union acts; organising and conducting 
peer reviews of National Competent Authorities (NCAs); and undertaking market 
analysis to inform discharge of the authority’s functions.'' Other tasks include 
protection of insurance sector consumers, beneficiaries, customers, investors; and 
contributing to consistent and coherent functioning of college of supervisors.'* The 
2019 amendments have also included a related task in contributing to common 
regulatory and supervisory standards and practices: developing and maintaining a 
Union supervisory handbook, which sets out the best practices and high-quality 
methodologies and processes.'* Notably, this mandates EIOPA’s consideration of 
changing business practices and models, which certainly include digitalisation of the 
financial sector, and the emergence of Fintech, RegTech and SupTech. 

The 2019 amendments have strengthened EIOPA’s legal jurisdiction in relation to 
SupTech. EIOPA is required to monitor and assess market developments, including 
in innovative financial services.'* In addition, it is tasked with contributing to the 
establishment of a common Union financial data strategy.'* As discussed further 
below, data strategy is an essential precondition for digital regulatory reporting. 
More importantly, when carrying out all its tasks under the Regulation, EIOPA is 
also required to consider technological innovation, innovative sustainable business 
models, and the integration of ESG factors.’® It is worth noting that before the 2019 
amendments, the treaty and legislative provisions empowering EIOPA, ESMA and 
the EBA were broadly interpreted to include the consideration of developments in 


7 Articles 1(6) and 8(1) of Regulation (EU) No. 1094/2010 establishing EIOPA. 
Ibid. 

“Ibid. 

10See Articles 8(1) and (2) of Regulation (EU) No. 1094/2010 establishing EIOPA. 
1 See Articles 8(1) and (2) of Regulation (EU) No. 1094/2010 establishing EIOPA. 
"Thid. 


13 Article 8 (1)(aa) of Regulation (EU) No. 1094/2010. See also Regulation (EU) 2019/2175 of 
18 December 2019, which amends the three ESA founding Regulations. 


14 Article 8 (1)(£) of Regulation (EU) No. 1094/2010. 
'S Article 8(1)(ia) of Regulation (EU) No. 1094/2010. 
' Article 8(1a)(c) of Regulation (EU) No. 1094/2010. 
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technological innovation.” Nevertheless, the EU law makers considered it essential 
to be explicit in the legislative text, demonstrating the necessity of a SupTech 
strategy for ESAs in the evolving digital insurance ecosystem.' 

EIOPA’s powers under Article 8(2) largely mirror its roles enumerated under 
Articles 8 (1) and (la), and include the powers to: develop draft regulatory and 
implementing technical standards; issue guidelines and recommendations; issue 
warnings relating to financial stability, take individual decisions addressed to 
NCAs; take individual decisions addressed to financial institutions in specific 
cases concerning directly applicable union law; issue opinions to the European 
Parliament, the Council and the EC. Other powers include: collecting from the 
NCAs (rather than regulated entities) the necessary information concerning financial 
institutions; ° developing common methodologies for assessing the effect of product 
characteristics and distribution processes on the financial position of institutions and 
on consumer protection; and providing a centrally accessible database of registered 
financial institutions.” 


2.2 The Subsidiarity Principle 


The subsidiarity principle restricts EU action only to what is strictly necessary for 
EU governance needs.”’ It is evident in the composition of the ESFS, which consists 
of the three European Supervisory Authorities (EIOPA, ESMA and the EBA) a joint 
committee of the ESAs, the European Systemic Risk Board (ESRB), and NCAs.”” 
Despite their designation as ‘supervisory authorities’, ESAs act largely as conveners 
of a technocratic transnational network of regulatory governance consisting of the 
so-called NCAs, which retain direct supervisory powers over market actors in their 
respective national jurisdictions.” Prima facie, ESAs enjoy indirect regulatory 


17 See European Commission (2014), p. 4. The EC notes that ‘the scope of the mandate of the ESAs 
is sufficiently broad...’. See also European Commission (2019b), p. 64. The expert Group on 
Regulatory Obstacles to Financial Innovation (hereafter ROFIEG) recommended a collaboration 
between ESAs, NCAs and financial institutions in making EU financial regulations machine- 
readable and machine-computable. 

18 The reforms were also motivated by the need to avoid tensions in the interpretation of the Meroni 
Doctrine. The discussion of the Meroni doctrine appears on Sect. 2.4. See also Chiti (2015), p. 12 
for a discussion of the concerns with the broad interpretation of ESA competencies. 

See Articles 8(1) and (2), and Article 35(1) of Regulation (EU) No. 1094/2010 establishing 
EIOPA. 


Ibid. 
?1 Article 5(3) of the Treaty on the Functioning of the European Union (TFEU). 
?2 See European Commission (2014), p. 2. 


?3 See Simoncini (2015), p. 324. The author explores the tensions between the subsidiarity princi- 
ples and the need to centralise supervisory tasks at the EU level, to ensure more financial market 
stability. 
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powers over regulated entities, in the form of supervision of national regulators. 
However, ESAs also enjoy last-resort powers to adopt individual decisions 
addressed to financial institutions, in three instances: in the event of a breach of 
EU law, in an emergency and, last but not least, to settle a dispute between two or 
more NCAs in a cross-border situation.” The main function of ESAs is therefore the 
convergence of NCAs’ supervisory practices, in accordance with the subsidiarity 
principle.” However, the supervisory autonomy of NCAs has been critiqued as an 
impediment to the achievement of legal convergence and a capital markets union.” 
It can be argued that it may similarly stand as a potential obstacle to the digitalisation 
of regulatory reporting at the EU level, as EIOPA lacks the direct supervisory powers 
to access insurance market data directly from regulated entities.” 

Nevertheless, in recent years there seems to be a steady albeit nuanced departure 
from the delegation of indirect supervisory powers to ESAs. The evolution of ESMA 
testifies to this trend.” Thanks to legal reform, ESMA enjoys direct supervisory 
powers over credit rating agencies (CRAs), and trade repositories.” In 2019, the 
European Commission (EC) successfully pushed for the amendment of the ESAs’ 
supervisory powers, further expanding the ambit of ESMA’s direct supervision to 
include third country central counter-parties (CCPs).*° The 2019 legislative process 
signalled the EC’s ill-fated but notable ambition to convert ESMA into a single, 
centralised, capital markets supervisor.°! 

This development is of special relevance in the case under examination. If the 
asymmetry between the supervisory powers of ESAs continues to grow, the 
SupTech strategies of the Authorities will also reflect this asymmetry. For example, 
on the one hand, ESMA makes clear that its leadership and strategy on EU-wide 
access to reporting data is driven by its expanding direct supervisory competencies, 
and the importance of the availability of high-quality data on a pan-European basis 
for supervision.*” EIOPA’s strategy, on the other hand, is shaped by its indirect 
supervisory mandate, and the allocation of direct supervisory powers to the national 
regulators. Consequently, it collects data (primarily from Solvency II templates) 


4 See Articles 17(6), 18(4) and 19(4) of Regulation (EU) No. 1094/2010 establishing EIOPA. 

5 Ibid, para 66 of the preamble. 

26 Schoenmaker (2011), p. 57. 

?7 See European Court of Auditors (2018), pp. 8-9. The report notes that EIOPA’s lack of access to 
information from insurance firms has impeded even its current oversight functions. 

°8See Howell (2017), p. 1027. The author argues that ESMA’s credible performance as a direct 
supervisory could result in the allocation of direct supervisory powers to EIOPA and the EBA. See 
also Moloney (2016), p. 380. The author suggests that ESMA could have a significant influence on 
the evolution of the institutional governance of the CMU. 

? See Articles 9 and 81 of the Regulation (EU) No. 648/2012 (European Markets Infrastructure 
Regulation). 

3°See Regulation (EU) 2019/2175 of 18 December 2019, which amends the three ESA founding 
Regulations. 

3! Gortsos and Lagaria (2020), p. 14. 

?2ESMA (2020), p. 20. 
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from national regulators rather than directly from regulated entities. In the past, 
national regulators have not easily given access to their data.” This ultimately 
creates SupTech implementation challenges in relation to the design of the techno- 
logical architecture of the digitalised ESFS, the feasibility of a centralised data 
service provider, and the governance of the reporting framework. 


2.3 The Proportionality Principle 


The proportionality principle means that ‘the content and form of Union action shall 
not exceed what is necessary to achieve the objectives of the Treaties’.** In Ex parte 
Fedesa, the European Court of Justice (ECJ) formulated a three-part proportionality 
test for an EU measure: whether it is suitable to achieve a legitimate aim, necessary 
to achieve that aim, and does not have an excessive impact on an applicant’s 
interests.” In addition, the 2019 amendments to the EIOPA Regulation emphasise 
EIOPA’s duty, in accordance with the principle of proportionality, to consider 
specific differences within the insurance sector, relating to the nature, scale and 
complexity of risks, to business models and practice as well as to the size of financial 
institutions and of markets to the extent that such factors are relevant to the rules 
considered.*° 

An implication of this principle is that both the digitalisation of the Capital 
Markets Union and the adoption of a system of EU algorithmic oversight are subject 
to the proportionality test, and relevant measures must be suitable, necessary and not 
excessive or disproportionate to the objectives sought. To the extent that uniform 
reporting requirements are essential for unlocking the full potential of digital 
reporting and EU algorithmic oversight,” the proportionality principle requires 
consideration of the costs implications of digitalisation to both small and large size 
insurance firms.** The principle is also relevant in determining the allocation of 
powers between EIOPA and NCAs as further progress with the integration of the 
latest technology into the EU system of financial supervision will most certainly 
require a rethink of their existing roles, powers and terms of interaction. Conse- 
quently, the proportionality principle will require a very nuanced exercise of the 
powers of EIOPA as regards initiatives for the development of a harmonised system 
of digital reporting. 


33 European Court of Auditors (2018), p. 8. 
34 Article 5(4) of the TFEU. 


35Case C-331/88 R v Minister of Agriculture, Fisheries and Food, ex parte Fedesa [1990] ECR 
1-4023. See also Chalmers et al. (2010), p. 367. 


36 Article 1(6) and (7) as amended by Regulation (EU) No. 2019/2175 amending ESA regulations. 
37See European Commission (2019b), p. 63. 


38 Joosen and Lehmann (2019), p. 71. See also Article 8(3) of Regulation (EU) No. 1094/2010 
establishing EIOPA. 
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2.4 The Meroni Doctrine 


The Meroni doctrine also restricts the ESAs’ rule making duties and powers to 
technical rather than policy issues with a wide margin of appreciation.’ Under the 
Lamfalussy legislative process, the ESAs have the mandate to promote legal con- 
vergence and market integration in two ways.”° First, they draft Level 2 delegated 
Acts and Implementing procedures, which are then considered and adopted by the 
EC.*' The Delegated Acts (which elaborate on the substantive content of Level 
1 legislation) and implementing procedures of Level 1 legislation, ensure 
harmonisation of the implementation and application across Member States.*” 
Second, ESAs formulate Level 3 non-binding (but “comply or explain’) guidelines 
and recommendations to establish consistent, efficient and effective supervisory 
practices in the Member States to achieve a uniform interpretation of the legisla- 
tion.’ The European Commission approves draft technical standards.“ 

The convoluted institutional design of the ESFS and the Lamfalussy procedure 
make it difficult to identify which institution should have the authority over the 
process of translating financial services legislation into machine readable and exe- 
cutable code. While it may be tempting to vest this authority on the Commission, this 
type of task (and relevant decision making) seems to have a strong technocratic 
component. In view of the intertwined co-existence of technical and public 
policymaking domains, especially in complex areas such as financial regulation, 
one possibility is to delegate this task to EIOPA under the approval of the European 
Commission. ^" 


3 Case 9/56 Meroni & Co., Industrie Metallurgiche, SpA v High Authority of the European Coal 
and Steel Community (1958). For a discussion on the different conception of the Meroni doctrine 
arising from Case C-270/12, United Kingdom v. Parliament and Council (Short Selling Ban) (Jan. 
22, 2014), see Georgosouli (2016), p. 368. 

40The Lamfalussy process, introduced in 2002 and later modified by the 2009 Lisbon Treaty, is a 
fast-track procedure for the EU-level legislation in the financial sector. It consists of four levels: 
framework Acts under Level 1, delegated and implementing Acts under Level 2, guidelines and 
recommendations under Level 3, and supervision of NCAs under Level 4. See Moloney 
(2014), p. 862. 

41 See, for example, Articles 8(2), 10, and 15 of Regulation (EU) No. 1094/2010 establishing 
EIOPA. 


42 See Simoncini (2015). 

43 See Schemmel (2016). See also Tridimas (2012), p. 70: the author argues that these instruments 
represent ‘the heavy hand of soft law’. 

“See Articles 10 and 15 of Regulation (EU) No. 1094/2010 establishing EIOPA. See also 
Georgosouli (2016), p. 350, noting the ‘unprecedented range of powers and level of discretion 
that [ESAs] have been endowed with when compared with older generations of EU agencies’. 


45 See Tridimas (2012), p. 69. 
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3 The EIOPA’s Recent Initiatives for the Digital 
Transformation of Insurance Supervision: An Incomplete 
Agenda? 


3.1 Introduction 


The purpose of this section is to offer a critical overview of the EIOPA’s strategic 
plan for the digital transformation of EU insurance supervision. Specifically, it 
considers the origins, subject matter and objectives of ELOPA’s plan of action, its 
compatibility with parallel initiatives from the other two ESAs and it assesses its 
completeness. 


3.2 Origins of EIOPA’s SupTech Strategy 


EIOPA’s SupTech strategy emanates from an over-arching policy framework of the 
EU. First is the EC’s 2015 Action Plan on Building a Capital Markets Union (CMU), 
which aims to further integrate the capital markets, to ensure the free flow of capital 
within the Union.*° Recognising the role of technology in an increasingly digitalised 
EU financial market, the EC in 2018 launched the Fintech Action Plan, as part of a 
wider strategy to create and strengthen a digital single market and the Capital 
Markets Union.*’ These two action plans strengthened the imperative for SupTech 
adoption by ESAs as a key factor in legal convergence within the CMU. The EC 
consequently launched a 2018 Fitness Check of EU Supervisory Reporting Require- 
ments project, aimed at not only cutting the costs of regulatory compliance, but also 
securing data standardisation, a key pillar for the integration of SupTech into the 
model of EU financial markets governance.** The EC also recognised that 
establishing the CMU depended on ESAs’ promotion of supervisory convergence 
among national regulators, with specific attention to innovation and technologies.’ 
Consequently, in 2018, the EC launched a legislative proposal to further integrate 
supervision of EU financial markets, by granting more roles and powers to the 
ESAs.°° The European Parliament and Council enacted the Regulation amending 
the ESA Regulations in December 2019, which clarified and strengthened the 
existing powers of the ESAs, and granted additional powers to ESMA and the 


416 See European Commission (2015). 
47 See European Commission (2018). 
48 See European Commission (2019a). 
See European Commission (2017). 
50 Thid. 
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EBA.°' ESMA received additional direct supervisory powers over critical bench- 
marks and third country benchmarks, while the EBA was granted a coordinating role 
over money laundering and terrorism financing issues.” 

As outlined in Sect. 2 above, the roles of the ESAs (including EIOPA) were 
amended to include the monitoring and assessment of innovative financial services 
and also contributing to the establishment of a common Union financial data 
strategy.” In addition, the ESAs were mandated to consider technological innova- 
tion, as well as innovative and sustainable business models, when carrying out their 
tasks under the respective founding legislations.°t These amendments placed the 
ESAs in strong legal footing to make SupTech policy without straying into 
policymaking roles. 

In 2018, the EC also established the Expert Group on Regulatory Obstacles to 
Financial Innovation (ROFIEG), whose 2019 report recommended the development 
and implementation of ‘a comprehensive and ambitious agenda to support the 
adoption of advanced RegTech and SupTech by the financial sector’ by the EC, 
ESAs and international standard setters.” This prompted the EC’s 2020 launch of 
the Consultation on a New Digital Finance Strategy for Europe, in which the EC 
endorsed an EU SupTech framework driven by machine-learning technology, and 
machine-readable and machine-executable technology.°° 

In addition to the EU’s policy framework, other notable programmatic activities 
by EIOPA also foregrounded its SupTech Strategy. One is the industry-led Open 
Insurance initiative (OPIN). This refers to the accessing and sharing of consumers’ 
insurance services-related data between insurers, intermediaries or third parties via 
Application Programming Interfaces (APIs), to enable faster and easier development 
of InsurTech.*’ EIOPA has identified this initiative as a catalyst for the uptake of 
SupTech, as Open Insurance may require real-time access to insurance services data 
by supervisors, to allow for automated monitoring and reporting, for regulatory 
compliance purposes.*® 

Second, EIOPA has rolled out specific EU-level regulatory initiatives in response 
to the challenges of InsurTech. These include the 2018 InsurTech Task Force, which 
brings together national supervisors for multidisciplinary backgrounds; the 
InsurTech Roundables, which facilitate dialogue with insurance stakeholders; and 
the European Forum for Innovation Facilitators.” EIOPA has also established the 


5! See Regulation (EU) 2019/2175 of 18 December 2019, which amends the three ESA founding 
Regulations. 


>? Ibid. See also Gortsos and Lagaria (2020), p. 14. 

53 See Articles 8(1) (aa), (f), and (ia) of Regulation (EU) 1094/2010. 
54 See Article (1a)(c) of Regulation (EU) 1094/2010. 

See European Commission (2019b). 

56 See European Commission (2020). 

57 See Husseini (2018), p. 2. 

58 See EIOPA (20200). 
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Expert Group on Digital Ethics in Insurance (DGE), a total of 40 stakeholders from 
the insurance industry, consumer representatives and academics that are working to 
develop a set of principles of digital responsibility in insurance.°° 

Against this backdrop of developments, EIOPA adopted two milestone plans of 
action in early 2020. The first one is the Supervisory Convergence Plan for 2020, 
while the second one is its 2020 Supervisory Technology Strategy. 

The Supervisory Convergence Plan for 2020 seeks to achieve a high, effective 
and consistent level of supervision across Europe. Its goal is to further improve the 
functioning of the internal market, by preventing supervisory arbitrage and 
guaranteeing a level playing field.°’ Supervisory convergence, according to the 
Plan, ‘should be built on a common interpretation of law and regulations, and 
without prejudice to the application of supervisory judgment or the proportionality 
principle’. The Plan identifies SupTech as one pillar of supervisory convergence, 
with the aim of ‘joint development by EIOPA and NCAs of innovative and efficient 
supervisory solutions that will support a more flexible and responsive supervisory 
system’.®’ Examined in the context of the ESFS, the Plan is key to EIOPA’s overall 
SupTech strategy in at least two ways. First, the Plan sets as an outcome the 
development of supervisory convergence tools, including EIOPA Guidelines, Super- 
visory Handbook, Supervisory Statements. These supervisory tools will create the 
administrative and operational structures that will be subject to digitalisation by 
SupTech. Second, it entrenches the EU administrative law principles of subsidiarity 
and proportionality, which are key to the legality of the SupTech adopted by 
EIOPA.°° Notably, the Convergence Plan neither engages with SupTech in detail, 
nor pre-empts the emerging issues of digitalised regulatory supervision. These 
include the technologies required, the limits of encoding EU regulations, and the 
architecture of regulatory reporting and related governance issues, discussed in 
Sect. 4. 

In its turn, the Supervisory Technology Strategy seeks to establish ‘a 
...coordinated plan for SupTech development which will deliver supervisory tools 
or processes, considering EIOPA’s strategic objectives and the Supervisory Conver- 
gence Plan’. This overarching goal is also reflected and further articulated in the 
four objectives of EIOPA’s SupTech Strategy. These are the following: 
(a) Promotion of knowledge and experience; (b) improving cooperation and 
exchange of information; (c) improving data collection through the standardisation 
and efficiency of reporting framework; and (d) improving data analytics. The 


ibid 53. 

61 See EIOPA (2020a), pp. 1-2. 
Ibid, p. 1. 

Ibid, p. 3. 

Ibid p. 1. 

“Ibid, p. 2. 

66 See EIOPA (2020b), p. 1. 
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technologies identified in the Strategy®’ include the Internet of Things (IoT),* 
Distributed Ledger Technology (DLT), Artificial Intelligence (AI), Machine 
Learning Technology (MLT),’' and Natural Language Processing (NLP).’? The 
supervisory functions EIOPA aims to digitalise include prudential and Conduct of 
Business (COBS). This entails digitising operational functions such as data sharing, 
data analytics (e.g. in common risk assessment frameworks), and market 
monitoring.” 

As a result of the operating environment of the ESFS and the EU principles of 
conferred powers, subsidiarity, proportionality, and the Meroni doctrine, areas 
impacted by specific national administrative law (e.g. organisational changes and 
the enhancement of different processes) fall outside the scope of the SupTech 
Strategy of the Authority. Instead, EIOPA’s SupTech Strategy focuses on areas 
where EIOPA and the NCAs can collaborate (e.g. improvement of supervisory 
processes and use of data). Further, it is noteworthy that (as the four strategic 
objectives bring beyond doubt) EIOPA intends to explore how technology could 
help improve regulatory reporting. This should not come as a surprise. Without a 
robust system of regulatory reporting that benefits from the latest predictive and 
communication technology, it is simply not possible for EIOPA (or ESMA and the 
EBA) to improve its business intelligence capability, enhance its analytical frame- 
work, risk reports and the publication of statistics. 

While the EU’s over-arching policy framework has indeed provided impetus for 
the adoption of the SupTech strategy, EIOPA has also (separately) outlined key 
rationales that necessitate its engagement. For example, in its response to the EC’s 
2020 Digital Finance Strategy Consultation, EIOPA identifies barriers to RegTech 
adoption within the Single Market, including lack of harmonisation of EU rules, and 
lack of harmonised approach to RegTech within the EU.”* These rationales put into 


®"Tbid, p. 2. 

©8Tnternet of Things refers to the networked interconnection of everyday objects, which are often 
equipped with ubiquitous intelligence. IoT integrates every object for interaction via embedded 
systems, which leads to a highly distributed network of devices communicating with human beings 
as well as other devices. See Xia et al. (2012), p. 1101. 

© Distributed Ledger Technology is ‘an appended-only, distributed database that is collectively 
stored, maintained and updated across a network of computers with each computing “node” in the 
network storing an identical copy of the database.’ See Yeung (2019), p. 210. 

Broadly speaking, Artificial Intelligence (AI) is the simulation of intelligent behaviour in com- 
puters. See Boden (2018), p. For a working definition of AI and Machine Learning and a brief 
description of their main difference, see Bank of England and Financial Conduct Authority (2019). 
71 See Bank of England and Financial Conduct Authority 2020. Machine learning is a type of 
Artificial Intelligence (AI) that enables computers not just do certain tasks but to learn without being 
explicitly programme. 

” Ibid, p. 24. Natural language processing is a tree-based machine learning model that ‘involves the 
application of algorithms—often neural networks—to identify and extract the natural language 
rules such that unstructured language data is converted into a form that computers can understand’. 
73 See EIOPA (2020b), p. 1. 


74 See EIOPA (2020c), p. 54. 
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perspective the role EIOPA has shaped for itself in the SupTech Strategy: to 
coordinate common work (at national level) by implementing a platform of 
on-going exchange of knowledge and experience, and organising and endorsing 
the analysis of potential developments of tools (e.g. by promoting proof of con- 
cepts).’> These roles are fully compatible with EIOPA’s current, supervisory role, 
including the development of draft Implementing Technical Standards on public 
disclosure and supervisory reporting of insurance and reinsurance undertakings, 
provision of XBRL taxonomies, as well assurance of data standardisation and data 
quality.’° 


3.3 Summary 


EIOPA’s strategic plan for the digital transformation of insurance supervision in the 
EU single market covers a lot of ground but takes a piecemeal, cautious and 
fragmented approach. Instead of implementing a general plan of action for regula- 
tory technology, it focuses on the use of technology for supervisory purposes 
(SupTech) and in priority for the execution of reporting requirements. This cautious 
and rather tentative approach is in the right direction, but it leaves a lot to be desired. 
Digital reporting is clearly on the agenda and rightly so, but there is no systematic 
thinking about what course of action would be required for the development of such 
system in the future.” Although this could be partly explained by the fact that it is 
too early (for example, Member States are in different levels of digital transition; the 
harmonisation of EU law on all aspects of data privacy and other crucial governance 
aspects of technology is still incomplete etc), it is equally true that it is never too 
early to think about a roadmap of action in anticipation of future challenges and 
potential responses to those challenges. Some of those challenges are considered 
below. 


™ See EIOPA (2020a), p. 6. 


7See EIOPA (2020c), p. 55. XBLR is an example of semantic technology. According to 
Wikipedia, XBLR is a framework for exchanging business information. It allows the expression 
of semantic meaning for business reporting using the so-called XML-based language and 
XML-based syntax and related XML technology. In its turn, XML is a software system through 
which data may be specified, stored, queried, transformed, exported and returned to a calling system 
according to a specific set of rules for encoding documents in a format that can be read by both 
humans and machines. Wikipedia at https://en.wikipedia.org/wiki/XBRL and at https://en. 
wikipedia.org/wiki/XML (last visited 12 February 2020). 


77 Similar data collection initiatives have been announced in other jurisdictions and largely remain at 
an earlier stage of development. These include the US Consumer Financial Protection Bureau 
(CFPB) and Commodity Futures Trading Commission (CFTC), the Monetary Authority of Singa- 
pore (MAS), the Hong Kong Monetary Authority (HKMA), the Japan Financial Services Agency 
(JFSA), and the Philippines Central Bank (BSP). Bank of England (2020), pp. 26-27. 
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4 A Reality Check: What Would It Take to Set Up a Digital 
System of Regulatory Reporting? 


The recognition of the need for a system of digital reporting in EIOPA’s agenda is a 
welcome development but the absence of any comprehensive plan of action is an 
important blind-spot in the Authority’s strategy for the digital transformation of EU 
insurance supervision. In this section, we discuss a series of themes that emerge in 
relation to the development and implementation of a system of digital reporting in 
the field of EU insurance supervision in anticipation of problems and potential 
responses to those problems. Where appropriate we draw on recent experience 
from other jurisdictions. 


4.1 Mapping the Extent of Sophistication of the Technology 
That Will Be Required for a System of Digital Reporting 


At a minimum, a digital system of regulatory reporting requires a digital network 
providing the necessary infrastructure for the interconnection of the various users, 
and advanced predictive and communication technology for the generation, collec- 
tion, storage and processing of high volumes of different types of data coming from 
different sources ideally in real time. Digital Ledger Technology (DLT), Machine 
Learning Technology (MLT) and Natural Language Processing (NLP) are essential 
components of this digital infrastructure. ’* 

Originally, DLT came into being for Bitcoin”? and its function was to enable 
peer-to-peer transfers of money without using banks. For Bitcoin transactions, DLT 
works as follows. Participating individuals are identified by a number (the ‘public 
key’) and are given a passcode (a “private key’) to access their own money. Each 
time they transact, a shared public record of the transaction is created and an identical 
copy of the entire record of the transaction (the ‘distributed ledger’) is kept on their 
personal computer and updated by the consensus of all the participants.°° DLT is 
typically combined with a ‘smart contract’, a distinctive feature of which is its self- 
executing nature. Specifically, the terms of the smart contract are written into code, 
run on a distributed ledger and are executed automatically on the occurrence of a 
specified event.*! 


78 See definitions in note 26, 28 and 29. 

7° Bitcoin is a form of money that is not backed up by the government of any State. See Narayanan 
et al. (2016), p. 59. 

80 See Micheler and Whaley (2020), p. 352. 

81 Ibid. An example of a specific event is the payment of a certain sum at regular intervals. There 
remains a debate on whether smart contracts are legal contracts, since smart contracts may not fulfil 


the legal requirements for the formation of a contract. See for example Brownsword (2019); De 
Filippi and Wright (2019), p. 87. 


The Algorithmic Future of Insurance Supervision in the EU: A Reality Check 231 


Since its first appearance, the application of DLT has expanded to IT compliance 
solutions amongst others. In the UK, Codra was the first DLT-enabled regulatory 
technology. It was initiated by the industry to match legal agreements between 
parties and operated according to a basic distributed consensus.*” Being designed 
to complement the existing legal structures, Codra mandated its users to acknowl- 
edge explicitly the supremacy of the rules of the regulatory law for compliance 
purposes.*° Furthermore, its running had a positive impact on the detection of money 
laundering, fraud or other illegal activity. DLT is very promising in providing the 
necessary digital network for the operation of a system of digital reporting. Pending 
further improvements, DLT could be used by the financial industry for the record- 
keeping and execution of a wide spectrum of financial transactions.** This is of 
particular relevance in the case under examination because, if this were to happen, it 
would be the first decisive step to connect financial authorities like EIOPA directly 
with all other users of this digital network and, hence, to open the way to an era of 
almost real-time financial reporting and oversight.®° 

MLT is a further component of a digital network of regulatory reporting. This is a 
type of artificial intelligence that can allow real time analysis of vast volumes of 
information for supervisory purposes.*° Machines with learning capabilities excel 
humans in the identification of unusual patterns of activities and in spotting previ- 
ously unnoticed correlations indicating the emergence of risks. Furthermore, when 
combined with NLP, it could be used for the processing, analysis and understanding 
of oral and written human communication. This would be particularly helpful for 
reporting purposes. Specifically, it could enable machines to read regulatory content 
and then process relevant data for the execution of reporting tasks as, for instance, 
the collection or submission of specific data. Currently, NLP supports the operations 
of Alexa, Siri and Google Translate.*’ Furthermore, it is increasingly becoming a 
useful tool for financial regulators like EIOPA. For instance, EIOPA itself is already 
exploring the benefits of this technology to extract information from packaged retail 
and insurance-based investment products’ (PRIIPs) key information documents 
(KIDs) for supervisory purposes.*® 

For the enthusiastic advocates of digitalisation, the capabilities of these technol- 
ogies are impressive, however, it is important to have a realistic sense of their current 
and projected potential. Recent experiments with digital reporting in the UK, for 
example, have established the feasibility of real time regulatory reporting in relation 


®? Yeung (2019), pp. 221-222. 


83 On the Codra project see Ibid (noting that in this manner it becomes clear that ‘the understanding 
of the code of law prevails over code as law’). 


84Micheler and Whaley (2020), pp. 352-353. 
5 Yeung (2019), pp. 221-222. 

86 Micheler and Whaley (2020), pp. 353-354. 
87Tbid p. 354. 

88 Ibid. This is further discussed on page 15. 
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to highly detailed technical requirements from the computer science point of view 
but, at the same time, have also brought onto the surface several challenges.*° 

Although it is possible for the industry to use DLT, the UK regulators have 
concluded that for the time being this technology is not sufficiently advanced to 
become fully integrated into a system of digital reporting. Similarly, the use of MLT 
is growing but it is not problem free. One of the thorniest issues is that the software 
that enables machines to engage in learning raises serious questions of ethics, fair use 
and privacy because of its conspicuous complexity, lack of transparency and inex- 
plicability.°° A further difficulty is that its use is not scaleable given its present and 
foreseeable development. Nevertheless, the future looks promising. The more access 
machines have to data, the smarter the machines become.”! In this respect, the advent 
of quantum computing and the convergence of technologies like Advanced Soft- 
ware, Big Data and Big Compute is expected to enhance cloud storage and improve 
accessibility of data kept in large-scale storage, while Big Data will improve the 
machines’ ability to analyse vast pools of data, detect patterns and generate 
insights.” Finally, NLP is at an early stage of development. According to the latest 
experiments with this technology, NPL is not sophisticated enough to cope with 
social context and the linguistic nuance of the content of regulatory law.” To be 
sure, it is desirable to integrate NLP and other semantic technologies into digital 
regulatory reporting but, by everyone’s admission, the design and implementation of 
these technologies require further investigation.”* 


4.2 The Limited Translatability of the EU Legal Content Into 
Instructions that Can Be Read and Executed by Machines 


EIOPA takes the view that machine readable and executable reporting requirements 
could prove beneficial for regulators and the insurance industry alike. It further 
projects that a future of regulatory compliance will be largely ‘algorithm/code based’ 
as the relevant technology promises to reduce compliance costs, eliminate the need 
for human interpretation and speed up the time that is otherwise required for 


8 See FCA (2017), p. 10, 14. 


°° See Jarrahi (2019), p. 5. He notes that ‘[t]hese AI systems often know more than they can explain 
in an intelligible way, and hence emerge as a black-box to human decision-makers’. See further 
Scantamburlo et al. (2019), p. 57. 

°!T ohr et al. (2019), p. 231. 


°? Big Data describes an extremely vast set of accessible data (e.g. the Internet of Things). Big 
Compute refers to a wide range of tools and approaches to run large-scale applications for business, 
science, and engineering performing complex modelling, simulations etc. Cloud computing is an 
example of Big Compute. NLP is an example of Advanced Software. 

?3See EIOPA response to the consultation -specifically, response to question 45. EIOPA 
(2020a), p. 57. 


94 Some firms currently use NLP technologies to extract key terms from legal documents. 


The Algorithmic Future of Insurance Supervision in the EU: A Reality Check 233 


regulators to identify emerging risks.” Transforming the legal requirements into 
code is technically challenging, however. Algorithms are the only language that 
machines can process. To ensure that the content of the EIOPA rulebook becomes 
machine readable and machine executable, it is necessary to convert it into its 
algorithmic version in order to enable machines to communicate with other 
machines in the same network for the automated execution of a series of regulatory 
tasks (e.g. data collection). 

Machines of specialised intelligence do not process equally well all types of 
data.’ To be at the peak of their performance, they need to be fed with highly 
structured data, namely data capturing a piece of information of a narrowly defined 
meaning. This is not to say that machines cannot cope at all with semi-structured or 
unstructured data namely data, the meaning of which is more open-ended and far less 
clearly pre-defined. They do, but the less structured the data, the more difficult it is 
for machines to engage in decision-making where meaning is to be inferred. The 
machines’ need for highly structured data sets a crucial challenge to the conversion 
of regulatory content into algorithms.”’ Ultimately, this depends on how feasible it is 
to break down regulatory content into granular instructions, and then convert those 
instructions into micro-directives communicated in algorithmic language. 

Many existing provisions of the EIOPA rulebook are not suitable for algorithmic 
conversion chiefly because it is difficult to interpret the content of those legal 
provisions into exhaustively precise terms without changing or losing part of their 
meaning. This task of translation is not as straightforward as it seems because it is 
impossible to fix the meaning of a word prior to its use. Take the example of the 
word ‘sales’. To paraphrase Ludwig Wittgenstein, no meaning of the word ‘sales’ 
can include everything that is a sale and exclude everything that is not a sale.°* The 
relationship between the various uses of the word ‘sale’ is like the relationship 
between various members of a family. A resemblance exists but it is not possible 
to give this resemblance any rigid definition ex-ante. Accordingly, the algorithmic 
conversion of legal rules of relative specificity is much more complex than, say, the 
identification and submission of the reference number of a specific product provider. 

Consider for instance the Commission Delegated Regulation (EU) 2017/653 
supplementing Regulation (EU) No 1286/2014 on key information documents 
(KIDs) for packaged retail and insurance-based investment products (PRIIPs).”” 
This is a Level 2 regulation that lays down the regulatory technical standards for 


° See EIOPA response to consultation, specifically response to question 43. EIOPA (2020a), p. 55. 
°° The UK financial regulators draw a distinction between three different types of data: ‘structured’, 
‘semi-structured’, and ‘unstructured-data’). A bank account balance offers an example of structured 
data. The pixels in an image offer an example of unstructured data, as they do not have a pre-defined 
meaning. See Bank of England and Financial Conduct Authority (2019), pp. 21-23. 

"Ibid, p. 22 (noting that according to their survey responses ‘structured data is used for more than 
80% of ML use cases’ but ‘firms also use semi-structured or unstructured data in more than two 
thirds of cases, often in conjunction with structured data’). 

°8See Anscombe and Rhees (1963), para 1-38. See also McGinn (2003), pp. 33-72. 

For a comprehensive discussion of PRIIP see Colaert (2016). 
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fulfilling the disclosure of KIDs. Annex 1 provides the template for the KID, which 
specifies in detail the data fields that must be completed. The substantive provisions 
of the Regulation outline in great detail how to populate the data template. For 
example, Art. 12 section 1(a) provides that in the section on risks and returns, PRIIP 
manufacturers shall specify ‘the range of risk classes of all underlying investment 
options offered within the PRIIP by using a summary risk indicator having a 
numerical scale from | to 7, as set out in Annex III’. This provision can be relatively 
easily encoded into machine-readable language, as the numerical values are amena- 
ble to rephrasing into a set of more concrete instructions. On the other hand, section 
1(c) requires PRIIP manufacturers to specify ‘a brief description on how the perfor- 
mance of the PRIIP as a whole depends on the underlying investment options’. It is 
much more difficult to generate granular instructions for an open-ended data field 
like section 1(c). For example, it is not clear how brief the description will have to be 
and what should be the criterion for assessing the relevance of underlying investment 
options. The application of section I(c) calls for a system of decision-making that 
displays normative reasoning and sensitivity to social context and the nuances of 
human language namely capabilities in which humans overperform machines of 
specialist intelligence. 

An additional limitation here is the following: although it is possible to convert 
the semantic content of legal rules into algorithmic language, it is not possible to 
capture the context within which these rules are meant to apply. Legal rules are also 
subject to change and so it does the regulatory content that is to be converted into 
algorithmic language. Consequently, the relevant computer programming that sup- 
ports machine readability and machine executability will also need constant updates. 
Finally, an additional source of complication stems from the fact that quite often 
regulatory content comes from legal rules that have been made by different regula- 
tors with distinctive mandates and potentially conflicting agendas. As a result, the 
ex-ante standardisation of those rules and correspondent agreed definitions may 
simply not be feasible or it may be unsuitable. 

At least in part, the challenges described above may be addressed by ensuring that 
data is subject to constant validation through human input and oversight, so that it is 
kept accurate and reliable; and by regulating those professionals that undertake to do 
this job. For instance, regulators like EIOPA can take the following measures 
amongst other things: (a) Draft and constantly update explanatory guidance for 
software developers and others professionals with the responsibility of overseeing 
machines and of validating machine outputs, (b) provide training or at least have 
some control over the training of software developers and other professionals; and 


100 See Colaert (2018), pp. 71-72 (highlighting the qualitative element underlying the method of 
calculation of the risk indicators in relation to the KID of Regulation (EU) No. 1286/2014 of the 
European Parliament of the Council of 26 November 2014 on key information documents for 
packaged retail and insurance-based investment products (PRIIPs) [2014] OJ L 352/1, namely the 
predecessor of the current Commission Delegated Regulation, and noting that, despite the recent 
legislative amendments, concerns remain over the potentially misleading nature of the risk 
indicators. 
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(c) supervise them to ensure compliance with best practice.'°' However, multiple 
checks, verifications and updates complicate the governance of algorithmic financial 
supervision, increase the cost of its administration and management and over-stretch 
the mandate of insurance regulators. '°” 

To be sure, progress with the current on-going efforts to improve the consistency 
of definitions, formats and processes as well as the standardisation of data is 
expected to improve data quality in the context of digital reporting and, more 
generally, to make the governance of algorithmic financial supervision much more 
manageable. '°* However, this would not be enough. Law and code are not just two 
different normative domains of governance.'°* They are mutually exclusive forms of 
communication." While natural language requires a degree of linguistic ‘open- 
texture’, algorithmic language leans towards granular precision. Conflict between 
the two is inevitable and it is paramount that it is resolved in a manner compatible 
with the rule of law. 

A potential solution to the mutual exclusiveness of natural language and algo- 
rithmic language as forms of communication would be the following. First, to 
confine algorithmic conversion only to Level 3 legislation of the EIOPA rulebook 
since its extremely detailed content seems to better fit the picture of regulatory 
content eligible for coding albeit not without difficulties.'°° The next step would 
be to draft Level 3 legislation as two-tiered legal instrument so that its content is 
expressed in both forms of communication to accommodate both human decision 
making and algorithmic decision making. Finally, resolve potential conflict between 
the two by giving priority to human interpretation as a recognition of the fact that 
human language is the only form of communication that is capable of realising 
fundamental principles of the rule of law.'°’ A future EIOPA rulebook of that sort 
would of course confine the use of digital reporting to a smaller fraction of insurance 
regulatory requirements, but it would make the digital transformation of EU insur- 
ance supervision compatible with the rule of law, safer and more manageable. 


101 See, for instance, FCA Data Reference Guides in FCA (2016). 


10? Phase 2 of the Pilot Programme looked into the economic viability of the DRR concluding that 
‘the business case for DRR is strongest when implemented for multiple domains and aligned to 


change initiatives already occurring at firms’. See Financial Conduct Authority et al. (2019), p. 5. 


103 The importance of data consistency and standardisation has been emphasised in various public 


policy communications. See notably, European Commission 2019. EIOPA has been supporting the 
development of standardised approaches to data and IT as for instance the development of an XBRL 
based taxonomy for both pensions and re-insurance reporting requirements and the LEI application 
in both sectors. See EIOPA (2020a), p. 56. 


104-Yeung (2019). 
105 Pasquale (2019), p. 3. 


'6The suggestion is likely to find a positive response from the EIOPA. See EIOPA’s response to 
EC consultation in EIOPA (2020a), p. 55. Reporting frameworks / legislations which could benefit 
the most from being translated into machine-executable form are the ones already using machine- 
native international standards (such as [S020022, XBRL, SDMX) for reporting and disclosure. 


107 Pasquale (2019), p. 5. 
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4.3 The Architecture of Regulatory Reporting and Issues 
of Governance 


Broadly speaking, the debates on the architecture of regulatory reporting draw a 
conceptual distinction between two models of data collection: On the one hand the 
‘push model’ of data reporting and, on the other hand, the ‘pull model’ of data 
reporting.'°* The push model is the traditional process of reporting in which 
regulated individuals have the obligation to submit certain information in compli- 
ance with the relevant regulatory law. The pull model stands at the opposite side of 
the spectrum in that the regulators are assumed to be able to pull data themselves 
instead of requiring members of the industry to submit data while keeping an eye on 
them to ensure that they will conform with the specific reporting instruction. Until 
recently, and as it is evident from the architecture of the existing legal design of 
reporting requirements, only the implementation of the push model was feasible. 
However, the advent of regulatory technology bears the potential of moving to a pull 
model of regulatory reporting. 

EIOPA has already in place a common database for Solvency II reporting, but it is 
at an early stage of development.’ Accordingly, it is worth asking whether the pull 
model or a variant of it would be an appealing proposition for EIOPA more 
generally. A notable advantage of a pull mechanism, at least on paper, is that it 
would make possible for EIOPA to collect the data it needs, in almost real time and at 
a minimum cost, as it will not have to store and handle large datasets. For the same 
reason, it would become easier for the Authority to ensure compliance with data 
security and personal data rules. 

A potential candidate for EIOPA would be to opt for an architecture of digital 
regulatory reporting similar to the one that has been adopted by the National Bank of 
Rwanda (NBR).!!° 

The NBR has in place a granular data extraction model (a pull mechanism like for 
example an API) connecting the NBR with reporting firms. This pull mechanism 
facilitates the submission of information on the request of the NBR. It operates based 
on pre-defined set of templates with guidelines, which are shared with all reporting 
institutions and make possible for the NBR to pull data from the firms’ core 
systems.!'! 


108 Bank of England (2020), pp. 42-45. 


'0°Solvency I data is to some extent standardised but further progress is required with 
standardisation because its present level does not guarantee data quality. Compared to Solvency 
II data, the standardisation of Conduct of Business data is at a very early stage of development. 
"19K amali and Randall (2017); Dias and Straschen (2017), p. 27; Broeders and Prenio (2018), p. 6. 
See also Bank of England (2020), p. 27 (considering the recent experience with the digital reporting 
model of NBR in the context of current debates about the future shape of the Bank’s digital data 
strategy). 


"Bank of England (2020), p. 27. See also National Bank of Rwanda (2017), p. 73. 
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Despite its obvious benefits when compared to the traditional push model of 
regulatory reporting, the pull model would most probably not work equally well for 
all types of data collection. For example, its application would be problematic for the 
collection of fluctuating figures (e.g. data on aggregate financing). In that latter case, 
the traditional push model of data collection would be preferable. Projections about 
the net benefits of the pull model are also bound to be an imprecise science.''? 
Ultimately, the efficiency of this model will depend on how its costs compare to the 
costs of generating and sending files manually, the number of data requests and other 
uncertain factors. 

The implementation of a pull model would also require massive changes to data 
governance. Under the existing push model, reporting rules specify things like the 
time of data submission and content of the data submitted. However, if a pull model 
is to be implemented, then these rules would have to be replaced with a different set 
of rules as it would be necessary to specify when and how often firms must make 
data available, when and how often EIOPA could pull data, and under what 
circumstances data resubmissions might be allowed. 

An alternative to the Rwandan model would exhibit a more centralised outlook. A 
distinctive feature of this model would be the presence of a central service provider 
(‘central utility’) which would carry out a variety of tasks and reporting processes as, 
for example, the collection of granular data, the interpretation of reporting instruc- 
tions, and the transformation of firm source data into the data that is required for 
reports. ''* The reporting model of the Central Bank of Austria is an example of this 
more centralised variant of the pull model.'!* At the heart of this system of reporting 
lies the AuRep. The latter is a central utility co-owned by seven of the largest 
Austrian banking groups. AuRep serves as a reporting platform and works as 
follows: Reporting banks enter granular data into a standardised input layer. This 
data is then sent to AuRep, which processes it into regulatory data that meets 
different reporting requirements. Acting on behalf of the reporting banks, AutRep 
then reports directly to the Austrian Central Bank.''° Currently, AuRep covers 
almost all statistical reporting of banks and financial stability reports, but the plan 
is to expand in the future. 

One of the advantages of implementing an Austrian type of data collection for 
digital reporting is cost reduction though the avoidance of duplication. A further 
advantage is the increase of the quality of reported data, since several crucial 
functions—notably, the standardisation of the transformation of data, the interpre- 
tation of reporting instructions and their execution—will be carried out in one place. 
An additional advantage is that the collected standardised data could be used to feed 


112 Bank of England (2020), p. 31. 
113 Thid, p. 43. 


114 Thid, p. 26; Broeders and Prenio (2018), p. 6. The Austrian architecture follows the model of the 
European System of Central Banks’ (ESCB) Integrated Reporting Framework (IReF). Here chose to 
refer to the Austrian model instead of the IReF one because the latter is under consultation. 


115 Bank of England (2020), p. 26. 
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valuable information back to regulated insurers taken individually, hence, providing 
value to the industry and policy analysts amongst others. Furthermore, the publica- 
tion of a subset data in a central and easily accessible database could become 
instrumental to the improvement of public disclosures.'!° 

The perceived benefits need to be weighed against the costs of running the 
centralised service provider. Again, this type of architecture may not be suitable 
for all types of data. Statistics reports consisting of aggregations of granular source 
data will probably be easiest to provide centrally. The opposite holds for data which 
requires firm-specific judgment. In that latter case, it would be desirable to ensure a 
degree of human involvement at firm level so that those legally responsible for any 
data omissions and inaccuracies have the opportunity to check the data that they are 
submitting.''’ The preservation of human input is crucial here because the purpose 
of centralisation of the various reporting functions is not to discharge firms from the 
responsibility to comply with the various reporting rules but to help them comply in 
a cost-efficient fashion. From the legal point of view, reporting firms need to 
continue to be legally responsible and accountable for the quantity and quality of 
the data that they submit. A further issue of concern is that any data errors are bound 
to affect the entire industry with potential systemic implications for as long as they 
remain undetected. 

Not unlike the decentralised model, the implementation of an Austrian type of 
reporting architecture EU-wide in the context of insurance would also require crucial 
changes to the existing governance arrangements. For example, extra measures 
would have to be taken to respond to data security and other operational risks with 
clear lines of responsibility for decision-making and action. In addition, it would be 
necessary to change the reporting rules to respond to the emerging data architecture, 
while a separate set of rules might be needed to provide responses to errors or various 
other contingencies. 

The Integrated Reporting Framework (IReF) of the European System of Central 
Banks (ESCB) which is currently under consultation, is very similar to the Austrian 
model and offers a hint of how the Austrian reporting architecture might look like at 
the EU level.''® The aim of the IReF is to integrate a wide range of existing statistical 
reporting requirements of the various NCAs into a single reporting model. It is 
envisaged that the IReF would define a sufficiently granular set of requirements for 
reporting purposes and that its operations would benefit from the existing Bank’s 
Integrated Reporting Dictionary (BIRD).'!° The BIRD provides a harmonised data 


‘©The US Federal Financial Institutions Examination Council provides an interesting example of 
data transparency in terms of the depth, frequency and accessibility of the disclosures. See 
Ibid, p. 44. 

117 Human involvement would also be essential to ensure EIOPA is allowed to query part of the 
common input layer directly. Ibid, p. 42. 

"18 Further information on the IRef is available at https://www.ecb.europa.eu/stats/ecb_statistics/co- 
operation_and_standards/reporting/html/index.en.html. 

"Further information on BIRD is available at https://www.ecb.europa.eu/stats/ecb_statistics/co- 
operation_and_standards/reporting/html/index.en.html. 
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model which specifies the data which should be extracted from the internal IT 
systems of the reporting firms (the so-called ‘input layer’). Furthermore, it contains 
a set of rules which govern the transformation of the extracted data into a specific 
final regulatory figure (the so-called ‘transformation rules’). 

An interesting question to ask is whether EIOPA should undertake the role as 
central service provider or whether instead this role should be entrusted to a separate 
EU agency which will be designed specifically for that role. EIOPA is primarily an 
EU-supervisory agency with nuanced range of powers to perform regulatory func- 
tions specific to its insurance mandate. Prima facie, it is not a technology or data 
services provider. As discussed above, EIOPA perceives its role as focusing on 
the promotion of the development of a common SupTech framework and strategy in 
the field of insurance. In pursuit of this role, EIOPA has been particularly active in 
the coordination of common work with NCAs, the facilitation of experience sharing 
and the organisation and endorsement of analysis for the potential development of 
tools (e.g. by promoting proof of concepts). Historically, the management of large 
quantities of data is not its core specialism. If it were to be entrusted with the 
additional role of central service provider, this would also generate significant 
reputational risks to the EIOPA in relation to data quality assurance failures, data 
security and other operational risks. A further issue of concern is that, if EIOPA were 
to take up additional powers and responsibilities in pursuit to its new role, the 
desirability of calibrating the powers and responsibilities of the other two ESAs 
would have to be considered too, hence, potentially opening the floodgate of 
far-reaching and for that reason more time-consuming reforms of the current ESFS. 

While the above considerations militate against the idea of expanding the existing 
mandate of EIOPA and turning it in effect into a central service provider for 
reporting purposes in the field of EU insurance, a host of other issues point to the 
opposite direction. Consider, for example, the use of MLT. A key feature of machine 
learning is that it is driven by a statistical model, whose design embeds a system of 
scoring and typically involves impenetrably complex calculations. '*° The statistical 
model serves a specific goal in relation to which machines learn to mine data from 
vast datasets, identify correlations and patterns, infer information, make predictions 
and produce outputs. This goal may address a legitimate concern as, for example, 
that of cost efficient reporting and compliance but from that it does not follow that it 
fully captures the policy objectives of financial regulators, or that it indeed yields 
correct legal results. To pre-empt this mismatch, EU rule-makers should continue to 
be the ones to write rules in natural as well as in algorithmic language. Moreover, EU 
rule-makers should assume responsibility over the regulation of data specifications 
and the validation of standards (with the cooperation of EU and other NCAs 
including the European Data Protection Supervisor (EDPS) as well as input from 
expert software developers, the industry and other stakeholders) so that they will be 
able to address issues of data quality assurance and other operational risks at source. 


2°This aspect of machine learning is known as algorithmic opacity, and it explains the inscruta- 
bility of algorithmic decision-making. On this point, see Cobbe (2019), pp. 638-639. 
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This will be easier said than done. The institutional design of the ESFS is complex 
and additional supervisory responsibilities over the governance of the relevant 
regulatory technology will most certainly overstretch EIOPA’s current supervisory 
mandate and powers. To be sure, one does not have the crystal ball to make 
projections about whether the EU governance of regulatory technology in the field 
of insurance will provide the impetus for a radical reshuffling of the existing 
convoluted institutional architecture of the ESFS. This notwithstanding, ignoring 
the elephant in the room does not help for planning purposes. Given space con- 
straints, it is not possible to explore all possible institutional options taking things 
forward. One possibility, however, might be to set up a joint central service provider 
for all three ESAs the task of which would be to coordinate and streamline the 
administration of digital regulatory reporting for all three sectors of the EU financial 
systems. This would be consistent with economies of scale and scope and would 
facilitate cross-sectoral knowledge generation and sharing. 


5 Conclusion 


In this chapter we sought to offer a reality check of the algorithmic future of 
insurance supervision in the EU. Specifically, we examined EIOPA, its operating 
environment, and how principles of EU administrative law shape its SupTech 
mission and mandate. We then portrayed the Authority’s role in the digital transfor- 
mation of insurance supervision in the EU and the evolution of its strategy to point to 
an important blind-spot: the absence of a comprehensive plan of action for the 
development of a digital system of regulatory reporting in the field of EU insurance 
supervision. Against this backdrop, we considered a series of themes in relation to 
the setting up and running a system of digital reporting in anticipation of future 
challenges and potential responses to those problems. These relate to the limitations 
of the technology that will be required for digital reporting given its current and 
foreseeable stage of development, a series of difficulties with the conversion of 
regulatory content into code and, lastly, issues of reporting architecture and 
governance. 

The analysis makes plain that the ELOPA’s approach to supervision is at a stage of 
transition and it is fast moving towards a digital model of EU insurance supervision 
in response to the relevant initiatives of the EU Commission to foster technological 
innovation and promote the implementation of a digital strategy in all three sectors of 
the EU financial system. Specifically, three findings emerge from our analysis. 

The first finding is that digital reporting is not new to EIOPA. The Authority has 
in place a digital system for Solvency II reporting. However, its scope is narrow, and 
the system has faced challenges with data quality and standardisation. Building on 
the current experience with Solvency II reporting, EIOPA is increasingly assuming a 
leadership role in coordinating EU-level initiatives, including OPIN, the InsurTech 
Task Force, InsurTech Roundtables, EFIF and DGE. While these initiatives are 
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welcome, establishing an EU-level system of digital reporting requires an ambitious 
and detailed strategy, which may over-stretch the Authority’s mandate in the future. 

The second finding is that EIOPA perceives its role as a coordinator rather than a 
centralised data service provider, within the emerging digital ecosystem of reporting. 
This can be explained by the impact of the EU administrative law principles of 
proportionality and subsidiarity, the Meroni doctrine, and the concomitant structure 
of the ESFS on the objectives, tasks and powers of EIOPA. Proportionality requires 
the adoption of digital reporting by EIOPA to be guided by the suitability, necessity 
and balancing of any adverse impact of EU action. The Meroni doctrine restricts 
EIOPA rulemaking to technical rather than policymaking domains. Subsidiarity 
vests NCAs with direct supervisory powers, which promote national supervisory 
autonomy but undermine the prospect of an EU-level centralised system of digital 
reporting. Indeed, it is difficult to strike a satisfactory trade-off between a common 
supervisory approach and maintaining national supervisory autonomy. 

Finally, the third finding is that the setting up and running of an EU wide system 
of digital reporting in the field of insurance will prove to be particularly challenging 
due to a series of factors which yet have escaped thorough consideration. These are 
(a) the degree of current and projected sophistication of the relevant technology that 
will be required to provide the necessary digital infrastructure; (b) the limited 
translatability of rulebook content into algorithms to enable machine readability 
and machine executability, and (c) difficulties with data architecture and governance. 

Our findings point to concrete themes that could provide the building blocks for a 
more comprehensive blueprint for an EU system of digital reporting as an integral 
aspect of insurance supervision with wider implications given their relevance to the 
other two European Supervisory Authorities. To be sure, this chapter did not address 
the full spectrum of themes that are intertwined with digital reporting and the advent 
of EU algorithmic financial regulation more generally. The impact of EU regulatory 
technology on the use of administrative discretion both at the EU level as well as at 
national levels, automation bias!7! and the concomitant problem of deskilling, 7? the 
compatibility of regulatory technology with the principles of EU administrative and 
constitutional law — to mention a few — are equally important and call for systematic 
investigation in their own right which, given space constraints, will have to be 
postponed for another occasion. 


121 Automation bias is the general belief that—compared to humans—computers are more rational 
and objective in their decision-making. The belief of the superior rationality of machines is in many 
respects unfunded but nonetheless strong. See Lohr et al. (2019), p. 231; Cobbe (2019), p. 641. The 
phenomenon has been observed in criminal prosecution with judges using the aid of AI to decide 
whether to bail an alleged offender or determine the length of sentence and finding it extremely hard 
to ignore machines making predictions on the chances of re-offence. See Fry (2020). 

12? Deskilling is intertwined with automation bias. Financial supervision involves a wide range of 
normative reasoning skills including the capacity to sense a degree of social connection, critical 
judgment, empathy and moral imagination all of which will atrophy because of growing reliance on 
automation. See Scantamburlo et al. (2019), pp. 75-76. On the degradation of cognitive skills, see 
further, Volz et al. (2016); Shiffrin (2010), p. 1222, 1244. For a more general discussion see 
Alexander and Sherwin (2001). 
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Abstract Financial reporting obligations for financial institutions, including insur- 
ance companies, have increased in recent years and insurers needs to stay up-to-date 
on the latest revisions of International Financial Reporting Standards and data 
reporting requirements and to comply with it. Many of these reporting obligations 
on listed and large non-listed insurers will benefit the insurance industry in the long 
term but it is challenging and costly task for insurance companies. The complexity of 
organizing high-quality data, transparent and structured reporting processes for 
different purposes (e.g., financial and regulatory reporting, CSR reporting, and 
many other types of reporting at local level) with internal and external stakeholders 
within a specified time frame, have become a strategic initiative, value-based 
investment, and opportunity for growth of insurance companies. To meet the various 
reporting requirements while overcoming reporting challenges, insurance companies 
need to ensure effective data governance and oversight in their reporting processes, 
which require considerable staff resources, and expertise in a wide variety of area, 
including appropriate IT architecture setup. In this chapter, we will analyze financial 
reporting obligations for insurance companies and evolution of the international 
accounting standards for the insurance industry. Moreover, we will discuss some 
practical issues facing insurers to comply with different regulatory, financial, and 
business reporting requirements to fulfill their reporting obligations. 


1 Introduction 


The global financial crisis of 2007-2008 and subsequent world recession affected 
large numbers of financial institutions by slowing down their business activities and 
decreasing their earnings. Although banks were at the center of the financial crisis, 
for many individual insurers, direct exposure of the crisis has revealed inefficient and 
ineffective business processes, which were misaligned with a company’s activities 
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and strategic direction (e.g., risk management, rationality in making financial deci- 
sions, investment, pricing, reserving or business grow) and inadequate minimum 
level of capital.' 

The crisis in financial markets was also indicative of market and government 
failures, unsatisfactory supervisory practice of the financial sector as a whole at both 
national and international level. In addition, the crisis has exposed shortcomings in 
financial regulation that left considerable discretion to the Member States by the 
primary directives that governed the area.” The economic downturn revealed that the 
solvency regime for the insurance sector is not sufficiently risk sensitive, i.e., it does 
not contain an incentive to improve risk management and it is necessary to establish 
more effective financial reporting framework. 

Numerous changes in the regulatory frameworks, policy measures, standards 
tools and practice have been brought forward for both the insurance and banking 
sectors to build a more resilient financial system.° For insurance sector, this includes 
Directive 2009/138/EC (Solvency II) which is analogous to Basel II’s capital 
adequacy requirements for banks, Insurance distribution Directive? and International 
Financial Reporting Standard (IFRS) 17 Insurance Contracts. 

The global financial crisis helped with re-assessing the value of corporate 
reporting and modernizing and optimizing reporting processes. Corporate reporting 
has become very sophisticated in the last years and in most insurance undertakings is 
carried out in a very professional manner.° 

Despite substantial evidence of capital-market benefits from corporate disclo- 
sures, the multiplicity of different reporting and disclosure requirements poses great 
functional and technical challenge for an insurance companies who needs to adapt 
their businesses to new regulations and to maintain ongoing compliance.’ Most of 
the directives and regulations dealing with financial services are supplemented by 
various regulatory technical standards, implementing standards and guidance from 


'Schich (2010a), p. 15. 

Craig (2015), pp. 243-267; Reifner et al. (2011), p. 9. 

3Marano (2017), pp. 5-29. 

‘Directive 2009/138/EC of 25 November 2009 on the taking-up and pursuit of the business of 
Insurance and Reinsurance, Official Journal of the European Union, L 335/1. 

Directive (EU) 2016/97 of 20 January 2016 on insurance distribution, Official Journal of the 
European Union. 

Reporting to supervisory authorities help regulators in terms of monitoring the regulatory capital, 
safety, and soundness of the legal entity. Public disclosure by insurance companies: leads to more 
competition and offers a unique opportunity for self-assessment of the situation on the ground, 
including through data collection and analysis for legislative and policy review. Corporate reporting 
is very flexible to adapt to changing environment and new risks (e.g., technological, demographic, 
climate and political changes, cyber risks). 

7For a selective literature review about reporting obligation and disclosure by insurance companies, 
see representative bibliography as follows: Bloomer (2005), pp. 101-107; Pucci (2012), 
pp. 115-138; De Mey (2009), pp. 228-241; Horing and Griindl (2011), pp. 380-413, Jovkovié 
(2018), pp. 110-126; Chiaramonte, et al. (2020), p. 5530. 
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EU and national regulators and insurance companies are expected to be compliant 
with all the applicable laws and regulations. 

Producing and submitting structured financial and regulatory reports and other 
type of reports by collecting and combining data from multiple sources, for internal 
or external stakeholders, is a challenging and time-consuming task. For many 
financial institutions, including insurance companies, reporting obligations and 
disclosure is a mandatory obligation and exists only as a subsidiary function within 
different departments. Many insurance companies struggled how to organize skilled 
professional team responsible for regulatory compliance with a line of sight over 
reporting strategy, execution and an understanding of the full regulatory 
environment. 

Additional problem represent how to deliver accurate and timely reports to 
regulators and the market and to ensure data security, data privacy, and data 
compliance. Some reporting requirements imposed by different supervisors are 
additionally costly, inconsistent, and duplicative, and the similar information needs 
to be delivered to different regulators in different ways and through different 
technology platforms.® 

There are significant unrecognized costs associated with errors, duplication of 
data and inefficient or incorrectly reporting processes that accrues for a variety of 
reasons (for example, data compiled for a specific purpose was reused for another 
report, with different underlying requirements and constraints). Some information 
demands are often excessive or unnecessary (sometimes, data are collected and not 
used) which leads to inefficiency. There are many open questions about relevance of 
the information contained in different mandatory reports and usefulness of reporting 
information for users.” 

This chapter aims to analyze the evolution of the international financial reporting 
standards and accounting requirements for insurance contracts. The development of 
an international standard for the accounting of insurance contracts, which reflects the 
complexity of the underlying insurance and reinsurance business, was a long and 
challenging process. Significant diversity in insurance contracts accounting practices 
has raised several issues regarding a successful implementation of new international 
standard for insurance contracts by insurers and its contribution to financial stability. 


2 The Evolution of the International Financial Reporting 
Standards 


The globalization of financial market and rapid growth of the trade in goods and 
services that goes beyond national borders, have triggered the need for a free 
movement of capital, goods, services and access to information included in the 
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financial statements of companies that operate in several countries. °? However, there 
were legal and accounting standard difficulties to achieve corporate disclosure, due 
to interest group resistance and the variety in national laws of the Member States.'! 

Companies engaged in foreign trade (multinational, international, transnational 
and global companies) needed to comply with the different accounting frameworks 
and standards applicable in countries in which they operate. Information from 
financial statements of these companies created confusion and had limited value to 
users in other countries if they were not familiar with the accounting standards 
underlying these statements. 

Many national interest groups in various countries realized that the growth in 
global trade is possible to achieve with international accounting harmonization 
system and uniform EU company law, which involves harmonization of company 
financial reporting. 12 A number of international organizations engaged in process of 
development of accounting standard such as: United Nations, the OECD, the 
European Economic Community (EEC), Accounting Standards Committee (inde- 
pendent professional accounting body—IASC)’* and the International Federation of 
Accountants. The aim was to develop understandable and enforceable accounting 
standard, which will serve equity investors, lenders, creditors, and others in global- 
ized capital markets. 

However, the harmonization of financial statements by developing standards that 
could serve as a model on which national standard setters could base their own 
standards was a long-term process. The first steps towards harmonizing accounting 
standards were to align accounting standards in Europe. "4 

The harmonization of accounting standard started with the adoption of the Fourth 
Council Directive 78/660/EEC of 25 July 1978 on the annual accounts of certain 
types of companies and Seventh Council Directive 83/349/EEC of 13 June 1983.'° 
Those two directives had a significant impact on company reporting in the Member 
States and they have remained largely unchanged until 2013. 

The Fourth Council Directive’s first draft was published in 1971, amended drafts 
were issued in 1974 and adopted in 1978.'° Member States were supposed to 
implement the Fourth Council Directive 78/660/EEC until 1980 but they have failed 


10 Held et al. (2000), pp. 14-28. 

11 Nobes (1998), pp. 162-187; Buxbaum (1991), p. 407. 

There were groups who were mainly interested in regulations that imposes stricter reporting, 
auditing, and accounting requirements for international companies with the goal to exercise greater 
control over their business activities. 

13 The IASC was replaced by the International Accounting Standards Board in 2001. 

'4Van Hulle (2002), pp. 357-365. 

'SThe Fourth Company Law Directive (78/660/EEC) establishes the content of financial informa- 
tion that should be made available to the public by limited liability companies and the content of 
annual accounts (balance sheet, profit and loss account and the notes to the accounts), the 
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to do so. The Directive was transposed with considerable delay in some countries. 
For example, the Fourth Council Directive was transposed into German law in 
1985," Spain and Portugal in 1989, Austria in 1990,'® Italy in 1991 and Sweden 
in 1995, etc. 

To ensure agreement between Member States on a numerous issue, existing due 
to the different legal accounting rules and policy approaches, the Directive allowed 
Members States with a lot of flexibility on how to individually implement 
it. Moreover, certain flexibility were left to companies to prepare their financial 
statements to meet the needs of users. Thus, the Fourth Council Directive 78/660/ 
EEC served more as recommendation, which provides guidance on how the pro- 
visions of the Directive should be used than an agreed standard. 

Despite the fact that Fourth Council Directive 78/660/EEC was first stage of the 
harmonization process of accounting standards and it improved the comparability of 
annual financial statements of companies throughout Europe, there were some 
practical problems of its implementation.!° 

There are a number of very significant accounting issues on which the Fourth 
Council Directive 78/660/EEC is silent. For example, the Fourth Council Directive 
78/660/EEC does not include provisions about translation of foreign currency trans- 
actions, accounting for the effects of changing prices on financial statements or 
problem of deferred-tax accounting.”° 

A few years later, The Council took additional steps towards a harmonized 
European accounting system with the adoption of two Directives dealing specifically 
with annual accounts and consolidated accounts specific to banks”! and insurance 
undertakings.” 

The International Accounting Standards Committee (LASC) has undertaken even 
bigger task to produce accounting standards that would be implemented world- 
wide.” During the period between 1973-1987, the IASC generated most of the 
International Accounting Standards (AS) 


'7German legislature transposed The Fourth Directive by the Accounting Directives Law 
(Bilanzrichtliniengesetz, BGBI (1985 I), p. 2355) and applied its rules to the capital companies 
and all traders, including subsidiaries of companies registered in other Member States. 

'8 Alexander and Eberhartinger (2009), pp. 571-594. 

' Walton (2015), pp. 135-151. 

20The IASC was formed in 1973 through an agreement made by the leading accounting bodies of 
ten countries: Australia, Canada, France, Germany, Japan, Mexico, The Netherlands, the U.K., 
Ireland, and the U.S. The IASC decided to restructure in April 2001 and became the International 
Accounting Standards Board (([ASB) and International Financial Reporting Standards (IFRS) 
replaced the IAS; Camfferman and Zeff (2007), p. 21; Zeff (2011), pp. 807-837. 

21 Council Directive 86/635 of 8 December 1986 Annual Accounts and Consolidated Accounts of 
Banks and Other Financial Institutions, 1986 O.J. (L 372) 1, 1. 

?2 Council Directive 91/674 of 19 December 1991 Annual Accounts and Consolidated Accounts of 
Insurance Undertakings, 1991 O.J. (L 374) 7, 7. 
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The IAS (which were all prefixed with “IAS”—e.g., IAS 10 Events After the 
Reporting Period, IAS 14 Segment Reporting, IAS 21The Effects of Changes in 
Foreign Exchange Rates, IAS 34 Interim Financial Reporting) represent an attempt 
to find “middle ground” between national accounting regulations, where the finan- 
cial reporting standards are already highly developed, as opposed to an effort on 
international standardization in financial reporting. The level of harmony of financial 
reporting within and between countries depends on the degree of compliance with 
the IAS. IAS standards were increasingly used as a model by national accounting 
standards setters but they were not implemented by a significant number of large 
companies.” 

Some commentators questioned the scope and authority of IAS Standards.”° 
IASC was established in 1973 as a part-time, voluntary organization, run by the 
professional accounting bodies from nine countries. The IASC was not a govern- 
ment body and the IAS Standards could not be imposed as a set of accounting rules 
that could be part of a standard international listing agreement and applied by all 
national regulators.” 

The Restructuring structure of the IASC started in 2001. IASC handed over its 
functions to the International Accounting Standards Board (IASB). The newly 
formed IASB took over the standards of the IASC and decided to name new 
accounting standards issued by the IASB as International Financial Reporting 
Standards (IFRS). 

In June 2002, the European Union has endorsed the International Accounting 
Standards (IAS/IFRS) for all EU companies (including many of the largest insurance 
companies in Europe) that are listed on European exchanges through the adoption of 
the Regulation (EC) No 1606/2002.” From 2005 all companies were required to 
prepare and publish their consolidated financial statements in accordance with 
IFRS.” The Regulation (EC) No 1606/2002 authorizes EU Member States to extend 
the IFRS requirement to the consolidated financial statements of non-listed 
companies.*” 


*5 Walton (2003), pp. 59-65. 

?©Danjou and Walton (2012), pp. 1-15; Pelger and Spieß (2017), pp. 64-90; Richardson and 
Eberlein (2011), pp. 217-245. 

7 Flower and Ebbers (2002), p. 239. 

?8 Regulation (EC) No 1606/2002 of the European Parliament and of the Council of 19 July 2002 on 
the application of international accounting standards, Official Journal L 243, 11/09/2002 p. 0001- 
0004. 

°° Some types of listed company did not need to comply with IFRS until 01.01. 2007. Individual 
Member States had option to decide about this delayed implementation. Temporary exceptions are 
made for companies with a listing outside the EU who were using internationally accepted 
standards. 
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Since 2011, the European Commission has taken steps with the goal of imposing 
obligations on listed and large non-listed entities to disclose certain non-financial 
information about sustainable development and environmental policy in the annual 
reports.*! 

The result was a new law on accounting, the Directive 2013/34/EU of 26 June 
2013?” on the annual financial statements, consolidated financial statements and 
related reports of certain types of undertakings, which also applies on credit institu- 
tions and insurance companies.*” Directive 2013/34/EU combines and updates the 
requirements of the 4th and 7th Council Directives and refers both to the individual 
financial statements and consolidated financial statements.” 

The main focus of Directive 2013/34/EU is to harmonize accounting and simplify 
reporting and disclosure requirements which will lead to reducing administrative 
burdens and the lower costs of financial reporting for small- and medium-sized 
enterprises ((SMEs) and micro-enterprises. However, the reduction of the adminis- 
trative burden for SMEs has not been fully achieved due to the different transposition 
of the Directive 2013/34/EU in some Member States, and the fact that there are no 
middle-sized entity categories in some countries.” 

Directive 2014/95/EU amended Directive 2013/34/EU and represents first step in 
the field of mandatory sustainability reporting. This directive requires large compa- 
nies (exceeding 500 employees) to include annual non-financial statements on 
sustainability and diversity, either as a part of their management report or as a 
separate document from 2017 onwards.” 


3! European Commission, Communication from the Commission to the European Parliament, the 
Council, the Economic and Social Committee and the Committee of the Regions, Single Market 
Act—Twelve levers to boost growth and strengthen confidence—“Working together to create new 
growth”, Brussels, 13 April 2011, COM(2011) 206 final; European Commission, Communication 
from the Commission to the European Parliament, the council, the European economic and social 
committee and the committee of the regions. A renewed EU strategy 2011-14 for Corporate Social 
Responsibility, adopted on 25 October 2011. 

32Directive 2013/34/EU of 26 June 2013 on the annual financial statements, consolidated financial 
statements and related reports of certain types of undertakings, amending Directive 2006/43/EC of 
the European Parliament and of the Council and repealing Council Directives 78/660/EEC and 
83/349/EEC, Official Journal of the European Union, L 182/19. 

33 PakSiova (2018), pp. 736-745; Marius (2014), pp. 197-205. 

34 Directive 2013/34/EU contains definition of Public Interest Entities (PIEs) and includes all 
insurance undertakings in the EU, regardless of whether they are listed or not and regardless of 
whether they are life, non-life, insurance or reinsurance undertakings; Hyblova and Koléavova 
(2017), pp. 1349-1357; Strampelli (2018), pp. 541-579. 

> Hyblova (2019), pp. 604-621. 


36 Directive 2014/95/EU of 22 October 2014 amending Directive 2013/34/EU as regards disclosure 
of non-financial and diversity information by certain large undertakings and groups, Official Journal 
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3 Evolution of Accounting Rules and Financial Statements 
for Insurance Companies 


The lack of quality and consistency in insurance reporting and accounting practices 
has resulted in weak usefulness of financial statement information for investors, 
creditors and analysts to evaluate a company’s financial position and performance. 
Compared with the banking sector, the insurance sector in the EU was not known for 
its transparency in financial reporting that reflects economic reality towards super- 
visory authorities and stakeholders. Moreover, insurance sector has not followed 
financial reforms that was developed by the Basel Committee on Banking Supervi- 
sion (BCBS) in banking (Basel reforms).*” 

An internationally accepted accounting standard for the measurement of insur- 
ance contracts did not exist until 2004.** The absence of international standards for 
insurance industry, both in accounting and in solvency, has resulted to the fragmen- 
tation of the existing insurance accounting practices, which are often inconsistent 
with accounting practices of other industries. Significant diversity in insurance 
contracts accounting practices was also the result of different accounting standards 
and different types of insurance products in each jurisdiction.” 

The IASB (formerly IASC) has been working on a new international standard for 
insurance contracts based on fair value for many years to reduce the differences 
among the accounting principles used in insurance industry and improve compara- 
bility and understanding of the income statement of companies issuing insurance 
contract across entities, jurisdictions, and capital markets.*° 

The development of an international standard for the accounting of insurance 
contracts has raised several conceptual and practical issues regarding its application. 
Some issues are general and affect all financial institutions and some specific to the 
insurance sector. 

Insurance is a unique financial service and preparation of financial statements of 
insurance business requires the application of actuarial science to determine results, 
and then to integrate those results with accounting rules.*! The preparation and 
production of high quality financial statements of insurance business can be very 
complicated; whether the insurance business is long-term such as life insurance or 


37Q’Shea (2013), p. 2; Kozarevic et al. (2018), pp. 225-246; Gatzert and Wesker (2012), 
pp. 539-570; Chiaramonte (2018), pp. 167-188. 


38 Insurance contracts have been excluded from the scope of the accounting standard for financial 
instruments in the United States, FAS 133, as it was a common opinion that financial market is not 
ready to determine fair values for insurance contracts; Dickinson (2003a), p. 151; Nguyen and 
Molinari (2013), p. 384. 


3° Foroughi et al. (2012), p. 570. 
“Dickinson (2003a), pp. 151-175. 
# Insurance Europe (2019), p. 3. 
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health and long-term care insurance; or short insurance business duration with a long 
term such as workers’ compensation insurance.“ 

Insurance is interdisciplinary topic and interacts with various fields of law, 
accounting, marketing, economics and finance.*? It can be defined from legal aspect 
(contract of law,) risk management and risk transfer tool, social or commercial 
device providing financial compensation and for accounting , insurance is an 
intangible product of insurance business.** Definition of insurance contracts are 
relevant regarding insurance accounting standards for insurance contracts and deter- 
mines whether a contract is within the scope of IFRS or another standard. 

Another debate concerns the question of fair value accounting for insurance 
contracts in financial reporting. Insurance contracts are not tradable financial instru- 
ments (unless considering their tradeable stock or debt in the secondary market) and 
market values cannot be objectively presumed. Insurance accounting measurement 
models involves using judgment, estimation and clear and precise rules for fair value 
for insurance.*° 

The IASC/IASB and Financial Accounting Standards Board (FASB) have been 
dealing with the challenges in auditing fair value measurements on assets and 
liabilities arising from insurance contracts for a number of years.“° IASC/IASB 
and FASB have promulgated a number of conceptual frameworks for Financial 
Reporting and fair value measurement Standards requiring fair value accounting for 
selected (largely financial) assets and liabilities.*’ There is still ongoing discussions 
among professionals with respect to the application of fair value accounting of 
Insurance Contracts but it is difficult to reach complete consensus about this topic. 

There are many other challenges involved in adopting and implementing inter- 
national standards for insurance contracts which involves, how to ensure effective 
accounting rules, how to increase reporting transparency and give users a better 
understanding of the sources and trends of earnings or excessive implementation 
costs. Another important challenge is how to ensure that the long-term nature of 
insurers’ business is captured in annual reporting. 

The development of the new international accounting standards for insurance 
contracts is part to a European Union’s initiative to converge their financial reporting 


4 Albrecher et al. (2018), pp. 9-25; LaDou (2011), p. 103. 
“Hollman et al. (1991), p. 714; Rohrbach (2018), p. 7. 
44 Stanić and Glavaš (2013), p. 654. 


45 Center for Excellence in Accounting & Security Analysis (2008), p. 44; Araceli (2019), pp. 1-19. 
Walton (2013), p. 423. 


46 Alexander et al. (2012), p. 84. 


4 The Financial Instruments Joint Working Group of standard setters (IWG) proposed in its “Draft 
Standard and Basis for Conclusions Financial Instruments and Similar Items” a hierarchy of 
methods for determining fair value of financial instruments. Since many insurance contracts are 
included within its definition of financial instruments, this hierarchy presumably would apply to 
insurance liabilities. 
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standard to International Financial Reporting Standards.** There was no accounting 
standard for insurance contracts before the establishment of the European Union 
(EU) in 1992, and IFRS for insurance contracts relied on local GAAP.*” 

In 1997, the IASB initiated a two-phase project called “Insurance Contracts” and 
set up a steering committee to carry out the initial work on new accounting 
requirements for insurance contracts.’ This project was split in two-phase, mainly 
because of complexity to develop a full standard by the time of EU’s 2005 year-end 
deadline for the mandatory adoption of IFRS. About the same time, the EU started 
work on Solvency II, a framework directive aimed at enhancing policyholder 
protection; improve (international) competitiveness of EU insurers and streamlining 
and strengthening solvency requirements across the EU in an effort to create a single 
market for insurance.”! 

In December 1999, the IASC Steering committee published an Issues Paper on 
Insurance and in June 2001 developed first Draft Statement of Principles—Insurance 
contract (DSOP) which was based on its work and the 138 comment letters to the 
issue paper.” The DSOP was never approved because of many issues raised by 
actuaries, insurance companies but it created a foundation for further work. In 
October 2001, the IASC Steering committee published last DSOP and in July 
2003, the IASB Published Exposure Draft ED 5—Insurance Contracts.’ 

The IASB’s insurance accounting project, phase 1, was completed in March 2004 
when IFRS 4 was released an interim standard. IFRS 4 provides only limited 
improvements to accounting practices for insurance contracts until comprehensive 
accounting standard (IFRS 17) could be finalized. IFRS 4 permits an entity to 
continue of existing accounting practices (paragraph 25) and requires to disclose 
information that identifies and explains the amount, timing and cash flow assump- 
tions from insurance contract (paragraph 15). Thus, many IFRS jurisdictions where 
IFRS is used for general purpose financial reporting do not also use IFRS 4 for 
regulatory purposes because of the absence of a consistent accounting framework for 
all insurance contracts in IFRS 4. They instead specify supervisory methods for the 
determination of insurance contract liabilities. For example, in the European context, 
solvency assessment is not based on IFRS but on balance sheets using the Solvency 
II framework.” 


48 The notion of harmonization was replaced by the concept convergence by the 1990s. The 
definition of convergence refers to the development of a unified set of high-quality, international 
accounting standards that would be used in capital markets; Pacter (2005), p. 2; Mohd et al. 
(2019), p. 506. 

Ortiz (2005), pp. 36-51; PWC (2017). 

*°Dickinson (2003b), pp. 151-176. 


>! Directive 2009/138/EC of 25 November 2009 on the taking-up and pursuit of the business of 
Insurance and Reinsurance (Solvency ID), Official Journal of the European Union L 335/1; Marano 
(2017), pp. 5-29. 


5? Altenburger (2006), p. 323. 
53 Dickinson (2003a), pp. 151-175. 
>4Engeliinder and Kölschbach (2006), p. 512. 


Financial Reporting in Insurance and International Financial Reporting. . . 255 


On 18 May 2017, IASB published IFRS 17 “Insurance Contracts” which replaces 
interim standard, IFRS 4 Insurance Contracts. The IFRS 17 Standard will be 
effective for annual reporting periods beginning on or after 1 January 2023. Subse- 
quently, after a period of consultation, the IASB issued amendments to IFRS 4°° 
which allows an insurance entity to use the overlay approach? and temporary 
exemption from applying IFRS 9 Financial Instruments to annual reporting periods 
beginning on or after 1 January 2023. This means that insurers will still be able to 
apply IFRS 17 and IFRS 9 at the same time, thus reducing implementation costs and 
possibly accounting mismatches. 


4 Financial Stability and the Insurance Sector 


Financial reporting transformation and development of an international standard for 
the accounting of insurance contracts started much later than in banking sector.°’ 
There were several reasons for a late start: global insurance market is characterized 
by differences between developed and developing countries; thus, insurance busi- 
ness model is less globalized than other areas in finance (e.g., capital markets or 
investments). 8 There were also limited research of the insurer’s business model and 
its interactions with financial and other financial intermediaries.” 

As mentioned, the financial crisis of 2008 and the subsequent recession had 
negative effects on economy, including decreased of business activities of global 
and regional financial and insurance companies. Some insurers experienced sub- 
stantial capital deterioration, some of them required government support (e.g., the 


°° The amendments in Applying IFRS 9 “Financial Instruments” with IFRS 4 “Insurance Contracts” 
on 12 September 2016 and Extension of the Temporary Exemption from Applying IFRS 9 on 
25 June 2020. 


56 The overlay approach mitigates some of the effects from the volatility caused by misalignment of 
the implementation of IFRS 9 and IFRS 4. It allows an insurance entity to exclude from profit or loss 
certain effects of IFRS 9 and regrouped these amounts to other comprehensive income (OCI) for 
certain financial assets. 

°’The case is the same with the Basel Committee on Banking Regulations and Supervisory 
Practices (BCBS) which was founded in 1974. The first set of principles for sharing supervisory 
responsibility for banks’ foreign branches, subsidiaries, and joint ventures between host and parent 
(or home) supervisory authorities (“Concordat”) was issued in 1975. The BCBS developed over 
several years. The Basel Accords (Basel I in 1988, Basel II in 2004, Basel II in 2010) and BCBS 
report on Basel III implementation in October 2012. Similarly, insurance regulators developed the 
First Council Directive 79/267/EEC of 5 March 1979, Directive 2002/83/EC (Solvency I) was 
adopted in 2002 and Solvency II in 2009; Basel Committee on Banking Supervision 2012; 
Loguinova (2019), p. 19; Zweifel (2014), pp. 135-157. 

58 Olasehinde-Williams and Balcilar (2020). 


>» Trichet (2005), pp. 65-71. 
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case of American International Group—AIG) or some insurers needed to seek 
changes to accounting rules to provide capital relief.” 

For insurers, financial crisis and economic recession simultaneously influenced 
the decrease in the value of assets and an increase in the value of liabilities because it 
had strong negative impact on all insurers’ business activities (underwriting, invest- 
ments and risk transfer).°' The financial crisis has exposed multiple failures in the 
financial system and their implications for financial system stability. A number of 
tighter regulations of the financial sector have been issued to prevent future financial 
crise, including set of changes to accounting practice (US GAAP and IFRS).°° 

One of the key issues in the post-crisis environment was a restoring public 
confidence through the structural changes in the insurance industry. Some of legis- 
lator’s objective were: to strengthen the oversight of insurance companies that are 
considered important for systemic financial stability in the global financial system; 
and to develop a credible and coherent accounting standards and prudential capital 
standard for internationally active insurance groups (IAIGs). 

Traditionally, banks have been connected with concept financial stability (i.e., the 
absence of systemic risk) because of their maturity transformation and their leading 
role in the transmission of monetary policy, the payment system and the reallocation 
of savings to investments.°* The contribution to systemic risk by insurers has been 
regarded less significant than in banks. 

Insurance industry is going through a period of transformation driven by a 
number of factors, such as changes in the insurance sector environment, new 
disruptive technologies, regulatory activities. Insurers are expanding their activities 
beyond their core business which leads to a closer integration between insurance and 
banking undertakings.™ This is especially the case in the OTC derivatives markets, 
bancassurance or unit-linked or index-linked products.®° For this reason, the role of 


©°Tn the aftermath of financial crisis, American Insurance Group (AIG) faced liquidity problems. 
AIG achieved positive financial results in the underwriting business. Due to AIG excessive 
exposures to subprime mortgages that resulted from credit default swaps business of its financial 
products division and its negative investment results, the company declared a loss of $13 billion in 
August 2008. The government had to bail out the AIG by providing credit line of $85 billion in 
return for 79.9% share in AIG, factually nationalizing the company, and later by providing 
additional $37.8 billion. The other example is the case of Swiss Re. Swiss Re reinsurer losses 
came from a unit that was involved in writing credit default swaps, providing credit protection and 
capital market trading outweighed the profits from (well performing) core business to be had at the 
consolidated level of the group; Baluch et al. (2011), pp. 126-163; Hunt (2011), p. 1667; Schich 
(2010b), p. 45. 

6! Society of Actuaries (2017), p. 5. 

© Bender (2005), p. 13. 

©3Rambure and Nacamuli (2008), p. 69; Pascal (2020), p. 2. 

“4 Pavić Kramarić et al. (2019), pp. 163-178. 


© Rockas and Siafarika (2019), p. 2; Tomic (2017), p. 199. 
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insurance companies in financial market and relevance of the insurance sector for the 
overall stability of the financial sector has gained importance over the years.°° 

Discussions about remedial measures to address financial stability risks and 
vulnerabilities in the insurance sector started after the financial crisis and failure of 
AIG’s CDS (credit default swaps) business in 2008, decline in equity markets that 
began in 2000 and subsequent low interest rate environment.’ Moreover, strong 
interconnections between the insurance industry and the rest of the financial system, 
non-traditional or non-insurance activities of insurance companies (including their 
activities in credit risk transfers) has become increasingly relevant for maintaining a 
stable financial system. It is necessery to understand interaction between insurance 
companies with financial markets, banks and other financial intermediaries and the 
fluctuations in the business cycle to determine potential risk transfer from one sector 
to another. 

Banks and insurance companies are both financial institutions but very different 
in terms of business models, funding structure, financial products, different nature of 
underlying risks which is the result of many factors such as demographics, the 
structure of liabilities, the scale of operations, regulation, accounting practices and 
distribution channels.°* There have been attemps to push towards convergence 
between banking and insurance setor, including integration insurance regulation 
with the regulation of banking and investment business at EU level. However, 
this regulatory approach is not sufficiently taking account dfferences between banks 
and insurers. 

Bearing in mind contrasting business models and balance sheet structures of 
banks and insurers, different roles of capital, leverage, and risk absorption, it is 
clear that the banking model of capital cannot be applied to insurance. The case is the 
same with the accounting regime. 

The primary goal of IFRS 17 insurance contract is transparency, accountability 
and efficiency to financial markets which at same time promotes the long-term 
financial stability of the global economy. Insurers can be consider systematicly 
important because of the economic role of the insurance sector.”° 

It is hard to assess the extent to which insurers can be originators or transmitters of 
systemic risk in the financial system.’’ However, IFRS 17 will contribute to financial 
stability by providing more granular contractual data about insurers’s current and 
future profitability. 


°°Central bank of the Republic of Austria defines financial stability as a financial system being 
“capable of ensuring the efficient allocation of financial resources and fulfilling its key macroeco- 
nomic functions even if financial imbalances and shocks occur.” https://www.oenb.at/en/financial- 
market/financial-stability.html. 


©’ McDonald and Paulson (2015), pp. 81-106. 
68 Beltratti and Corvino (2008), pp. 363-388. 
© Noussia and Siri (2019), p. 28. 
Dickinson (1998), p. 519. 

” Baranoff (2011), p. 21. 
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5 Conclusion 


Financial institutions and insurance companies are facing with a regulatory environ- 
ment that changes rapidly, complex and expensive reporting requirements and 
numerous regulatory disclosures obligations. Many of these reporting requirements 
are not only limited to the financial performance of a company, but also include a 
relevant non-financial information statement on company’s impact on social and 
environmental matters. International Financial Reporting Standards and high quality 
of financial statement information have two main objectives. First, to bring high 
transparency, accountability and efficiency to financial markets through the interna- 
tional standards and second, transparency in financial reporting and accountability 
derived from accounting standard represent a significant factor for achieving finan- 
cial stability and underpin the trust that investors creditors and other interest groups 
place. IFRS 17 insurance contract represents first harmonized accounting model for 
insurance contracts. This new accounting requirements for insurance contracts was 
created to provide more transparent information about the effect and revenue of 
insurance contracts on financial statements for stakeholders, investors, analysts, and 
consumers. IFRS 17 insurance contract is complex regulation, which will require 
insurers to take a different approach to measuring and reporting insurance and 
reinsurance assets and liabilities for insurance contracts. Complying with this regu- 
lation will raise many practical implementation issues, including significant opera- 
tional costs for most companies. Another challenging task will be the organization of 
IFRS 17 compliance reporting structures, assigning roles and reporting responsibil- 
ities between different departments in a company. Smaller insurers, whose resources 
are limited, will need to consider outsourcing compliance processes to fulfill their 
reporting obligations. 


References 


Albrecher H, Bauer D, Embrechts P, Filipović D, Koch-Medina P, Korn R, Loisel S, Pelsser A, 
Schiller F, Schmeiser H, Wagner J (2018) Asset-liability management for long-term insurance 
business. Eur Actuarial J 8:9-25. https://doi.org/10.1007/s13385-018-0167-5 

Alexander D, Eberhartinger E (2009) The true and fair view in the European Union. Eur Account 
Rev 18(3):571-594 Available at SSRN: https://ssrn.com/abstract= 1331387 

Alexander D, Bonaci C, Mustata R (2012) Fair value measurement in financial reporting. Proc Econ 
Financ 3:84—90. https://doi.org/10.1016/S2212-5671(12)00124-4 

Altenburger OA (2006) IFRS 4 insurance contracts — verbesserte 
Versicherungsrechnungslegung?. ZVersWiss 95:323-332. https://doi.org/10.1007/ 
BF03353452 

Araceli M, McGeachin A, Barth M, Barker R, Wagenhoffer A, Joos P (2019) Fair value accounting: 
the eternal debate - AinE EAA Symposium, May 2018. Account Eur 16(3):1—19. https://doi. 
org/10.1080/17449480.2019.1664754 

Baluch F, Mutenga S, Parsons C. (2011) Insurance, systemic risk and the financial crisis. Geneva 
Pap Risk Insur Iss Pract 36(1):126—163. https://doi.org/10.1057/gpp.2010.40 


Financial Reporting in Insurance and International Financial Reporting. . . 259 


Baranoff EG, Haefeli D, Liedtke PM (2011) Insurers as systemically important financial institutions 
(SIFIs)? Activities-based methodology, systemic risk, Basel III, Financial Stability and Regu- 
lation 2011, Available at SSRN: https://ssrn.com/abstract=1772089 or https://doi.org/10.2139/ 
ssrn. 1772089 

Basel Committee on Banking Supervision (2012) Progress report on Basel III implementation. 
http://www.g20ys.org/upload/auto/829497400add53d124cefbe8b3f3820290340e02.pdf 

Beltratti A, Corvino G (2008) Why are insurance companies different? The limits of convergence 
among financial institutions. Geneva Pap Risk Insur Iss Pract 33(3):363-388. https://doi.org/10. 
1057/gpp.2008.13 

Bender C (2005) Umsatzerfassung nach US-GAAP und IFRS Konzeption, Problembereiche, 
Lösungsansätze Gabler Edition Wissenschaft 

Bloomer J (2005) Developments in international financial reporting standards and other financial 
reporting issues. Geneva Pap Risk Insur Iss Pract 30(1):101-107. https://doi.org/10.1057/ 
palgrave.gpp.25 10002 

Botez D, Pravat I (2009) Study concerning the differences between the Fourth directive and 
accounting standards from Romania. Ann Faculty Econ 3(1):791-795 

Buxbaum RM, Hirsch A, Klaus J, Hopt KJ, Hertig G (1991) European business law: legal and 
economic analyses on integration and harmonization. De Gruyter 

Camfferman K, Zeff AS (2007) Financial Reporting and global capital markets: a history of the 
international accounting standards committee. Oxford University Press, pp 1973-2000 

Cascino S, Clatworthy M, Osma GB, Gassen J, Shahed I (2021) The usefulness of financial 
accounting information: evidence from the field. Account Rev 96(1):117—146. https://doi.org/ 
10.2308/TAR-2019-1030 

Center for Excellence in Accounting & Security Analysis (2008) Principles for the application of 
fair value accounting. https://www0.gsb.columbia.edu/my gsb/faculty/research/pubfiles/3029/ 
FairValue.pdf 

Chiaramonte L (2018) The implications of Basel III liquidity regulatory reform. In: Bank liquidity 
and the global financial crisis. Palgrave Macmillan Studies in Banking and Financial Institu- 
tions. Palgrave Macmillan, Cham. https://doi.org/10.1007/978-3-3 19-94400-5_7 

Chiaramonte L, Dreassi A, Paltrinieri A, Pisera S (2020) Sustainability practices and stability in the 
insurance industry. Sustainability 12(14):5530. https://doi.org/10.3390/su12145530 

Craig P (2015) The financial crisis, the European Union institutional order, and constitutional 
responsibility, maastricht treaty, democracy deficit, lisbon treaty. Indiana J Glob Legal Stud 22 
(2):243-267. Available at: https://www.repository.law.indiana.edu/ijgls/vol22/iss2/2 

Danjou P, Walton P (2012) The legitimacy of the IASB. Account Eur 9(1):1-15. https://doi.org/10. 
1080/17449480.2012.664396 

De Mey J (2009) Reporting on the financial performance of life insurers. Geneva Pap Risk Insur Iss 
Pract 34(2):228—241. https://doi.org/10.1057/gpp.2009.6 

Dickinson G (1998) The economic role of the insurance sector in the risk transfer - capital market 
nexus. Geneva Pap Risk Insur Iss Pract 23(89):519-529. https://doi.org/10.1057/gpp.1998.45 

Dickinson G (2003a) The search for an international accounting standard for insurance: report to the 
accountancy task force of the Geneva Association. Geneva Pap Risk Insur Iss Pract 28 
(2):151-176. www. jstor.org/stable/41952682. Accessed 27 Apr 2021 

Dickinson G (2003b) The search for an international accounting standard for insurance: report to the 
accountancy task force of the Geneva association. Geneva Pap Risk Insur Iss Pract 28 
(2):151-175. https://doi.org/10.1111/1468-0440.00215 

Diggle G, Nobes C (1994) European rule-making in accounting: the seventh directive as a case 
study. Account Bus Res 24(96):319-333. https://doi.org/10.1080/00014788.1994.9729490 

Engelander S, K6lschbach JA (2006) Reliable fair value for insurance contracts. Geneva Pap Risk 
Insur Issues and Practice 31(3):512-527. https://doi.org/10.1057/palgrave.gpp.25 10093 

Flower J, Ebbers G (2002) The IASB: its origins and structure. In: Global financial reporting. 
Palgrave, London. https://doi.org/10.1007/978-1-137-10538-7_11 


260 K. Tomic 


Foroughi K, Barnard RC, Bennett RW, Clay DK, Conway EL, Corfield SR, Coughlan AJ, Harrison 
JS, Hibbett GJ, Kendix IV, Lanari-Boisclair MC, Brien DO, Straker JSK (2012) Insurance 
accounting: a new era? Br Actuarial J 17(3):562—649. Accessed 27 April 2021. http://www. 
jstor.org/stable/23356789 

Gatzert N, Wesker HA (2012) Comparative assessment of Basel II/III and Solvency II. Geneva Pap 
Risk Insur Iss Pract 37(3):539-570. https://doi.org/10.1057/gpp.2012.3 

Held D., McGrew A., Goldblatt D., Perraton J (2000) Global transformations: politics, economics 
and culture. In: Pierson C, Tormey S (eds) Politics at the edge. Political Studies Association 
Yearbook Series. Palgrave Macmillan, London. pp 14-28. https://doi.org/10.1057/ 
978033398 1689_2 

Hollman KW et al (1991) The structure and disciplinary boundaries of insurance: a citational 
analysis of JRI Articles. J Risk Insur 58(4): 714-721. JSTOR, www.jstor.org/stable/253082. 
Accessed 24 Apr 2021 

Höring D, Griindl H (2011) Investigating risk disclosure practices in the European insurance 
industry. Geneva Pap Risk Insur Issues Pract 36(3):380-413. https://doi.org/10.1057/gpp. 
2011.13 

Hunt JP (2011) Credit ratings in insurance regulation: the missing piece of financial reform. 
Washington Lee Law Rev 68(4):1667-1697. https://scholarlycommons.law.wlu.edu/wlulr/ 
vol68/iss4/3 

Hyblova E (2019) The current problems of harmonization of accounting for small and medium- 
sized enterprises. Econ Res-Ekonomska Istraživanja 32(1):604-621. https://doi.org/10.1080/ 
1331677X.2018.1561317 

Hyblova E, Koléavova A (2017) The consequences of “Options” in the Directive 2013/34/EU of the 
European Parliament and of the Council on the Financial Statements. Acta Universitatis 
Agriculturae et Silviculturae Mendelianae Brunensis. 65(4):1349-1357. https://doi.org/10. 
11118/actaun201765041349 

Insurance Europe (2019) Why insurance is unique And offers unique benefits for consumers. 
https://insuranceeurope.eu/sites/default/files/attachments/Why %20insurance%20is %20unique_ 
O.pdf 

Jovkovié BC (2018) Karakteristike finansijskih izveštaja osiguravajućih kompanija i njihova 
revizija. Bus Econ 12(1):110-126. https://doi.org/10.5937/poseko13-16143 

Knežević G, Stanišić N, Mizdrakovié V (2013) Analiza finansijskih izvještaja. Univerzitet, 
Singidunum 

Kozarevic S, Kozarevic E, Porretta P, Santoboni F (2018) Implementation of Basel and solvency 
risk assessment standards in banks and insurance companies of South-Eastern Europe Coun- 
tries. Risk Assessment:225—246. https://doi.org/10.5772/intechopen.70605 

LaDou J (2011) The European influence on workers’? compensation reform in the United States. 
Environ Health 10:103. https://doi.org/10.1186/1476-069X-10-103 

Loguinova K (2019) A critical legal study of the ideology behind Solvency II, Economic and 
financial law & policy — shifting insights & values. Springer. https://doi.org/10.1007/978-3-030- 
26357-7 

Marano P (2017) Sources and tools of the insurance regulation in the European Union. In: 

Marano P, Siri M (eds) Insurance regulation in the European Union. Palgrave Macmillan, 

Cham, pp 5-29. https://doi.org/10.1007/978-3-319-61216-4_2 

Marius D (2014) The New EU Accounting Directive — A Comparison of Reporting Requirements 

(1 May 2014). Annals of “Constantin Brancusi” University of Targu-Jiu, 2014, Available at 

SSRN: https://ssrn.com/abstract=2775921 

McDonald R, Paulson A (2015) AIG in Hindsight. J Econ Persp 29(2):81-106. https://doi.org/10. 

1257/jep.29.2.81 

Mohd A, Mohd A, Mohd A (2019) Barriers in adoption of IFRS in developed and developing 
economies: TIFS framework. Int J Recent Technol Eng 8(4):506-5 12. https://doi.org/10.35940/ 
ijrte.D7105.118419 


Financial Reporting in Insurance and International Financial Reporting. . . 261 


Nagari F, Muriithi A, Marshall R (2017) Data management in the new world of insurance fiancial 
and actuarial, Deloitte. https://www2.deloitte.com/content/dam/Deloitte/cn/Documents/finan 
cial-services/deloitte-cn-fs-data-management-in-new-world-of-insurance-finance-and-actuarial- 
en-171207.pdf 

Nguyen T, Molinari P (2013) Accounting for “insurance contracts” according to IASB exposure 
draft—is the information useful? Geneva Pap Risk Insur 28(2):376-398. https://doi.org/10. 
1057/gpp.2012.11 

Nobes C (1998) Towards a general model of the reasons for international differences in financial 
reporting, Abacus 34(2):162-187. https://doi.org/10.1111/1467-628 1.00028 

Noussia K, Siri M (2019) The legal regime and the relevant standard, distribution of insurance- 
based investment products the EU regulation and the liabilities: the EU regulation and the 
liabilities. Springer, pp 27-58. https://doi.org/10.1007/978-3-030-1 1668-2 

O’Shea M (2013) Comparison of the Regulatory Approach in Insurance and Banking in the Context 
of Solvency II, European actuarial consultative group. https://actuary.eu/documents/SII%20vs 
%20Basel%200_Dec_12_final.pdf 

Olasehinde-Williams G, Balcilar M (2020) Examining the effect of globalization on insurance 
activities in large emerging market economies. Res Int Bus Financ 53(C):101228. https://doi. 
org/10.1016/j.ribaf.2020.101228 

Ortiz E (2005) GAAP choice by European companies. Eur Bus Rev 17(1):36-51. https://doi.org/10. 
1108/095553405 10576258 

Pacter P (2005) What exactly is convergence? Int J Account Audit Perform Eval 2(1—2):67-83. 
https://doi.org/10.1504/IJAAPE.2005.006893 

PakSiova R (2018) The comparison of requirements for a disclosure of non-financial information 
according to legal regulations in Slovakia and EU directives, Fourth international scientific 
conference ERAZ 2018 pp 736-745. https://doi.org/10.31410/eraz.2018.736 

Pascal P (2020) Banks, Maturity Transformation, and Monetary Policy, Federal Reserve Bank of 
San Francisco Working Paper 2020-07. https://doi.org/10.24148/wp2020-07 

Pavić Kramarić T, Miletić, M, Kožul BlaZevski R (2019) Financial stability of insurance companies 
in selected CEE countries. Bus Syst Res J 10(2):163-178. https://doi.org/10.2478/bsrj- 
2019-025 

Pelger C, Spieß N (2017) On the IASB’s construction of legitimacy — the case of the agenda 
consultation project. Account Bus Res 47(1):64—90. https://doi.org/10.1080/00014788.2016. 
1198684 

Pucci S (2012) Insurance financial statements, Bancassurance in Europe. Palgrave Macmillan, pp 
115-138 

PWC (2017) IFRS adoption by country https://www.pwe.ru/ru/ifrs/ifrs- 17-hub-int/pwc-ifrs-by- 
country-2016.pdf 

Rambure D, Nacamuli A (2008) The role of payment systems in the economy. In: Payment systems. 
Palgrave Macmillan Studies in Banking and Financial Institutions. Palgrave Macmillan, 
London, pp 69-73. https://doi.org/10.1057/9780230227217_S 

Reifner U, Clerc-Renaud S, Knobloch RA M, Flach L (2011) Financial Supervision in the EU A 
consumer perspective Institut fiir Finanzdienstleistungen e.V Hamburg https://www.beuc.eu/ 
publications/201 1-00396-01-e.pdf 

Richardson AJ, Eberlein B (2011) Legitimating transnational standard-setting: the case of the 
international accounting standards board. J Bus Ethics 98(2):217-245. www.jstor.org/stable/ 
41475812. Accessed 27 Apr 2021 

Rockas I, Siafarika A (2019) The notion of insurance-based investment products, distribution of 
insurance-based investment products the EU regulation and the liabilities: the EU regulation and 
the liabilities, pp 3-25. https://doi.org/10.1007/978-3-030-1 1668-2 

Rohrbach W (2018) Značaj istorije osiguranja. Tokovi osiguranja 3:7—26. http://tokoviosiguranja. 
edu.rs/wp-content/uploads/2018/12/18-03_1.pdf 

Samuels JM, Piper A (1985) International accounting: a survey croom helm series on international 
accounting and finance. St. Martin’s Press 


262 K. Tomic 


Schich S (2010a) The role of insurance in the recent financial crisis. Insur Mark Comp Anal 
Actuarial Comput 1(1):45—53. https://businessperspectives.org/images/pdf/applications/publish 
ing/templates/article/assets/28 19/IMC_2010_1_Schich.pdf 

Schich S (2010b) Insurance companies and the financial crisis. OECD Journal: Financial Market 
Trends. https://www.oecd.org/pensions/insurance/44260382.pdf 

Society of Actuaries (2017) Reviewing Systemic Risk within the Insurance Industry. https://www. 
soa.org/globalassets/assets/files/research/projects/reviewing-systemic-risk.pdf 

Stanić L, Glavaš J (2013) Uloga i značenje menadžmenta u osiguranju, Ekonomski vjesnik: Review 
of Contemporary Entrepreneurship, Business, and Economic Issues 16(2):637—653 

Strampelli G (2018) The EU issuers’ accounting disclosure regime and investors’ information 
needs: the essential role of narrative reporting. Eur Bus Organ Law Rev 19:541-579. https://doi. 
org/10.1007/s40804-018-0112-8 

Tomic K (2017) Bankoosiguranje na tržištu osiguranja zemalja Europske Unije, XVII Conference 
Proportionality and Legal Certainty in Insurance Law, Palic ISBN 978-86-920975-0-8. 
199-215. 

Trichet JC (2005) Financial stability and the insurance sector. Geneva Pap Risk Insur Iss Pract 30 
(1):65-71. https://doi.org/10.1057/palgrave.gpp.25 10021 

Van Hulle VK (2002) International convergence of accounting standards: a comment on Jeffrey. 
Duke J Comp Int Law 12:357-196. Available at: https://scholarship.law.duke.edu/djcil/vol12/ 
iss2/8 

Walton P (2003) International Accounting Standards: The New Regime, International accounting 
and reporting issues 2001 review, United Nation Geneva https://unctad.org/system/files/official- 
document/iteteb14_en.pdf 

Walton P ( 2013) Fair value and accounting, handbook of key global financial markets, institutions, 
and infrastructure. In: Caprio G, Arner DW, Beck T, Calomiris CW, Neal L, Veron N (eds) 
Academic Press, pp 423—433. https://doi.org/10.1016/B978-0-12-397873-8.0025 1-6 

Walton P (2015) IFRS in Europe — an observer’s perspective of the next 10 years. Account Eur 12 
(2):135-151. https://doi.org/10.1080/17449480.2015.1095306 

Zeff S (2011) The evolution of the IASC into the IASB, and the challenges it faces. Account Rev 87 
(3):807-837. https://doi.org/10.2308/accr- 10246 

Zweifel P (2014) Solvency regulation of insurers: a regulatory failure? J Insur Iss 37(2):135—-157. 
JSTOR, www.jstor.org/stable/43 151297. Accessed 28 Apr 2021 


Open Access This chapter is licensed under the terms of the Creative Commons Attribution 4.0 
International License (http://creativecommons.org/licenses/by/4.0/), which permits use, sharing, 
adaptation, distribution and reproduction in any medium or format, as long as you give appropriate 
credit to the original author(s) and the source, provide a link to the Creative Commons license and 
indicate if changes were made. 

The images or other third party material in this chapter are included in the chapter's Creative 
Commons license, unless indicated otherwise in a credit line to the material. If material is not 
included in the chapter's Creative Commons license and your intended use is not permitted by 
statutory regulation or exceeds the permitted use, you will need to obtain permission directly from 
the copyright holder. 


Recent Directions in the Regulation 
of Insurance Claims Handling in the United “xi 
Kingdom and Australia: A Model for Other 
Jurisdictions to Consider? 


Robin Bowley 


Abstract This chapter examines recent developments in the regulation of insurance 
claims handling in the United Kingdom and in Australia. It commences by reviewing 
the relevant Insurance Core Principles developed by the International Association of 
Insurance Supervisors which articulate the standards that national supervisors should 
implement to effectively regulate the handling of claims and the resolution of 
disputes with policyholders. From this basis, it then examines the various rules 
developed by the Financial Conduct Authority to regulate claims handling in the 
United Kingdom, and through the use of case studies discusses how compliance with 
these rules has been monitored and enforced. The chapter then examines the legal 
framework for regulating insurance claims handling in Australia, which has been 
significantly expanded following the implementation of the reforms recommended 
by the 2019 Royal Commission into Misconduct in the Banking, Superannuation 
and Financial Services Industry. The chapter concludes that the approaches adopted 
in these two jurisdictions could provide a model for similar jurisdictions considering 
similar regulatory challenges. 


1 Introduction 


The handling of insurance claims can be a long and complex process, involving 
factual investigations, consideration of the application of policy conditions, the 
engagement of external service providers and negotiated forms of settlements. 
Unsurprisingly, the claims handling process can frequently give rise to disputes 
between policyholders expecting the timely settlement of their claim, and insurers 
being mindful of managing their liabilities within the scope of their contractual 
obligations. This chapter discusses how insurance supervisory authorities in the 
United Kingdom and in Australia have used a variety of approaches over the recent 
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years to regulate the handling of insurance claims to ensure fairness for 
policyholders. 

Section 2 reviews the relevant international standards for regulating the handling 
of insurance claims, with a particular focus on the Insurance Core Principles 
developed by the International Association of Insurance Supervisors which articu- 
late the standards that national supervisors should implement to ensure a fair balance 
between the expectations of insurers and policyholders. From this basis, Sect. 3 
examines the legal framework for regulating insurance claims handling in the United 
Kingdom under the various rules developed by the Financial Conduct Authority 
(FCA). It discusses how the FCA has worked to ensure fair outcomes for consumers 
through both thematic reviews to encourage insurers to improve their practices, and 
formal enforcement action involving the imposition of financial penalties against a 
major insurer in 2018. 

The remainder of the chapter discusses the regulation of insurance claims han- 
dling in Australia. Section 4 provides an overview of the Australian legislation 
relating to claims handling and the key cases in which insurers’ claims handling 
practices have been challenged. It then discusses the functions of the Australian 
Securities and Investments Commission (ASIC) in regulating the insurance industry, 
with a particular focus on the key findings from ASIC’s reviews of insurers’ claims 
handling practices. Section 5 examines the significant reforms to the regulation of 
insurance claims handling resulting from the recommendations of the 2019 Royal 
Commission into Misconduct in the Banking, Superannuation and Financial Ser- 
vices Industry (FSRC). These include bringing insurance claims handling within the 
ambit of being a ‘financial service’; making industry codes of practice legally 
enforceable and extending the existing unfair contract terms regime to insurance 
contracts. As well as considering how these new measures might apply in practice, 
Sect. 5 also reviews two recent cases where ASIC has taken action against insurers in 
the courts for unsatisfactory claims handling practices. Section 6 draws together the 
key observations in the preceding parts and concludes that the approaches to 
regulating insurance claims handling in Australia and the United Kingdom could 
provide a model for similar jurisdictions to consider. 


2 International Standards for Regulating the Handling 
of Insurance Claims 


At an international level, a good starting point when examining national arrange- 
ments for the regulation of insurance claims handling are the Insurance Core 
Principles (ICPs) which have been progressively developed by the International 
Association of Insurance Supervisors (IAIS) since its establishment in 1994.' The 


‘International Association of Insurance Supervisors, Insurance Core Principles and ComFrame 
https://www.iaisweb.org/page/supervisory-material/insurance-core-principles. For an overview of 
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IAIS ICPs provide benchmarks on the key elements that should be addressed in the 
national supervisory regimes to ensure both financially sound insurance industries 
and adequate levels of consumer protection for policyholders. Each of the 26 ICPs 
include further guidance on the recommended measures to implement the relevant 
principles. 

ICP 19 ‘Conduct of Business’ envisages that “The supervisor requires that 
insurers and intermediaries, in their conduct of insurance business, treat customers 
fairly, both before a contract is entered into and through to the point at which all 
obligations under a contract have been satisfied.’. ICP 19.0.2 elaborates on this 
general statement by explaining that ‘fair treatment of customers’ encompasses 
achieving outcomes such as: (inter alia) “dealing with customer claims, complaints 
and disputes in a fair and timely manner’. 

ICP 19.10 addresses claims handling and envisages that supervisors in each 
jurisdiction will require insurers to handle claims in a timely, fair and transparent 
manner, and to have dispute resolution policies and procedures in place. To achieve 
these benchmarks, the guidance to ICP 19.10 on effective claims handling recom- 
mends that insurers should maintain written documentation on their claims handling 
procedures; clearly inform claimants about procedures, formalities and common 
timeframes for claims settlement; ensure that claimants are given information 
about the status of their claim in a timely and fair manner; and clearly explain in 
comprehensible language claim-determinative factors (such as depreciations, 
discounting or negligence) that could result in claims being denied in whole or in 
part.” 

The guidance to ICP 19.10 on claims handling goes on to explain that a fair 
claims assessment process requires the avoidance of conflicts of interest as well as 
appropriate competence and ongoing training of the staff involved, with the com- 
petence requirements for claims handlers likely to differ depending on the types of 
insurance policies involved.” 

In relation to claims disputes, the guidance on ICP 19.10 emphasises that dispute 
resolution procedures should be fair, impartial and transparent with procedural 
complexities minimised as far as possible; and that staff handling claims disputes 
being appropriately qualified and experienced in claims handling.* Similar recom- 
mendations are included in the European Insurance and Occupational Pensions 
Authority’s Guidelines on Complaints Handling by Insurance Undertakings.” 

The guidance on ICP 19.10 also recommends that if claims handling processes 
are outsourced (either in part or in full), supervisors should require insurers to 


the evolution and function of the IAIS generally, see Lowry et al. (2011); Walker and Purves 
(2014), pp. 18-19; Steinberg (2011), pp. 302-304. 


? International Association of Insurance Supervisors, Insurance Core Principles 19.10.2-19.10.5. 
3Ynternational Association of Insurance Supervisors, Insurance Core Principles 19.10.7-19.10.8. 
“International Association of Insurance Supervisors, Insurance Core Principles 19.10.9-19.10.11. 


*European Insurance and Occupational Pensions Authority (2012) Guidelines on Complaints 
Handling by Insurance Undertakings, EL\OPA-BoS- 12/070. 
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maintain close oversight and ultimate responsibility for fair and transparent claims 
handling and claims dispute resolution. Similar recommendations on appropriate 
oversight are contained in ICP 19.11 which addresses situations where intermedi- 
aries are involved in claims handling processes. 

Section 3 below shows how the legal framework for regulating the handling of 
insurance claims in the United Kingdom reflects the standards envisaged in ICP 
19.10, and Sect. 4 explains how because of recent reforms Australian legislation 
governing the handling of insurance claims now also adheres to the principles set out 
in ICP 19.10. 


3 The Regulation of Insurance Claims Handling 
in the United Kingdom 


In the United Kingdom, since 1 December 2001,’ the Financial Services and 
Markets Act 2000 (the FSMA) has governed the conduct of insurance businesses. 
Between 2001 and April 2013, the FSMA was administered by the Financial 
Services Authority. In the aftermath of the Global Financial Crisis, the regulatory 
functions of the Financial Services Authority were divided between two new 
agencies. The Prudential Conduct Authority assumed responsibility for the pruden- 
tial regulation of the UK’s financial sector (including the insurance industry) and the 
Financial Conduct Authority (FCA), assumed responsibility for regulating the con- 
duct of financial services firms. 

The FSMA provides the FCA’ with wide powers to make rules, issue codes, to 
give guidance and to develop rules, policy and guidance to regulate financial markets 
and services in the UK. The FSMA prevents a person from carrying on a ‘regulated 
activity’ unless the person is authorised by the FCA or an ‘exempt person’.'° 

The FCA Handbook provides the primary re-statement of relevant rules, codes 
and general guidance in force at a given time, and consists of several ‘blocks’. These 
‘blocks’ in turn contain a number of ‘source books’ on specific regulatory require- 
ments, which contain both legally enforceable rules (denoted by an ‘R’ after the 
relevant rule) and regulatory guidance (denoted by an ‘R’ after the relevant 
principle). '! 


International Association of Insurance Supervisors, Insurance Core Principles 19.10.12. 
7 Walker and Purves (2014), p. 743. 
SWalker and Purves (2014), pp. 3-6. 


° Although the FSMA (which is jointly administered by the FCA and the PRA) refers to ‘the 
Authority’, this chapter focuses only on the role of the FCA. 


10 Financial Services and Markets Act 2000 (UK) s 19 (containing the general prohibition—unless 
the person is authorised or exempt). 


11 Walker and Purves (2014), p. 5.39. 
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The Insurance Conduct of Business Sourcebook (ICOBS) sets out the obligations 
of firms that carry on a business of insurance in the United Kingdom. ICOBS 8 sets 
out the obligations of insurers in relation to claims handling. ICOBS 8.1.1R requires 
insurers to (1) handle claims promptly and fairly; (2) provide reasonable guidance to 
help a policyholder make a claim and appropriate information on its progress; (3) not 
unreasonably reject a claim (including by terminating or avoiding a policy); and 
(4) settle claims promptly once settlement terms are agreed. 

For contracts agreed before the commencement of the Insurance Act 2015 
(UK) on 1 August 2017, ICOBS 8.1.2R explains that the rejection of a consumer 
policyholder’s claim may be unreasonable unless there was evidence of fraud; 
non-disclosure or misrepresentation of a fact that was material to the risk to be 
transferred; or breach of a warranty or condition under the contract. 

For contracts agreed after 1 August 2017, ICOBS 8.1.2AR explains that the 
rejection of a consumer policyholder’s claim may be unreasonable unless the 
consumer made a qualifying misrepresentation within the meaning of the Consumer 
Insurance (Disclosure and Representations) Act 2012 (UK); or for claims subject to 
the Insurance Act 2015 (UK), where the consumer breached a warranty or engaged 
in fraudulent conduct. 

The FCA’s Dispute Resolution: Complaints sourcebook sets out the requirements 
for firms to have arrangements in place for the handling of complaints by consumers. 
DISP 1.3.1R requires firms to establish, implement and maintain effective and 
transparent procedures for the handling of complaints. DISP 1.4.1R elaborates on 
these obligations, by requiring firms to investigate and assess complaints fairly, 
consistently and promptly; to offer redress or remedial action where appropriate; and 
to clearly and fairly explain its assessment of the complaint to consumers in a manner 
that is not misleading. The DISP sourcebook includes further guidance for firms to 
meet these mandatory requirements. 

At a broader level, the FCA’s Senior Management Arrangements, Systems and 
Controls (SYSC) sourcebook places responsibility on the directors and senior 
managers of firms to take reasonable care to ensure compliance with applicable 
requirements and to implement appropriate risk management arrangements. 

Over the recent years, the FCA has undertaken several reviews of British insurers’ 
claims handling practices. In May 2014, the FCA published the report of its thematic 
review of insurers’ management of claims in the household and retail travel sector. 
This review was based on both consumer research and the FCA’s engagement with 
the claims handling staff of insurers. Whilst consumer research for this revealed that 
consumers levels of satisfaction with their claims experiences were overall reason- 
ably high, the review highlighted some issues for future improvement by insurers. 
These included working to ensure that policy documentation was clear and under- 
standable to consumers (particularly around policy exclusions), and keeping con- 
sumers informed during the claims process (particularly where third party providers 
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such as builders and loss adjusters were involved).'* This thematic review also 
involved a survey of members of the Chartered Insurance Institute about the 
members’ perceptions of insurers’ practices for handling household and travel 
insurance claims. Whilst responding members indicated that insurers were ade- 
quately informing customers about how to make claims and providing relatively 
straightforward claims notification processes, the survey highlighted several areas 
for insurers to improve their claims handling practices. These included keeping 
claimants informed throughout the claims process; clearly informing claimants 
about the coverage of their policies; proactive management of third-party suppliers 
(such as tradespersons); and clearly informing claimants about the evidence needed 
to support their claims. "° 

A year later in May 2015, the FCA published the findings of its thematic review 
of the handling of claims lodged by policyholders in the Small and Medium-sized 
Enterprise (SME) sector. Whilst noting that claims by SMEs were more complex 
than those examined it its earlier review of household and travel claims, the FCA 
identified several areas for insurers to improve their claims handling practices. These 
included many SME claimants reporting a lack of clarity about who was responsible 
for managing their claims (particularly where external providers such as loss 
adjusters were involved), and poor communication about the progress of their 
claims. '* 

The FCA has a wide range of enforcement powers to respond to breaches of its 
rules, which are set out in its Enforcement Guide. One of the FCA’s enforcement 
options is its power under s 206(1) of the FSMA to impose financial penalties where 
it determines that an authorised person has contravened a requirement under the 
FMSA. The FCA’s approach to exercising its powers to impose financial penalties is 
set out in Chapter 7 of its Enforcement Guide, and its policy on the determining the 
appropriate quantum of financial penalties is set out in Chapter 6 of its Decision 
Procedure and Penalties Manual (DEPP). 

The application of these sanctions was illustrated on 29 October 2018 when the 
FCA imposed a financial penalty of £5,280,800 on Liberty Mutual Insurance Europe 
SE (Liberty) following its investigation into Liberty’s failure to exercise appropriate 
oversight of claims on mobile phone insurance policies which it had underwritten 
between 2010 and 2015. 

By way of background, in 2010 Liberty entered into an arrangement to under- 
write mobile phone insurance, with a third party’? providing this insurance to retail 
customers in the UK. Under this arrangement, the third party managed the 


1? Financial Conduct Authority (May 2014) ‘Thematic Review TR 14/8: Insurers’ management of 
claims - household and retail travel. 

‘3 Financial Conduct Authority (May 2014) ‘Perceptions of insurers management of claims: Find- 
ings from a survey of members of the Chartered Insurance Institute’ See https://www.fca.org.uk/ 
publication/research/tr14-08-cii-survey.pdf. 

‘Financial Conduct Authority (May 2015) ‘Thematic Review TR 14/19: Handling of insurance 
claims for Small and Medium-sized Enterprises (SMEs)’. 

!5The third party was not identified in the FCA’s media release. 
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administrative functions associated with the mobile phone insurance on Liberty’s 
behalf, including the handling of claims and complaints. However, as the authorised 
insurer, Liberty retained primary responsibility for ensuring that these outsourced 
claims and complaints handling arrangements complied with regulatory 
requirements. 

Following numerous complaints by customers to the UK’s Financial Ombuds- 
man Service, an investigation by the FCA determined that Liberty had failed to 
exercise appropriate oversight of the third party’s handling of claims on the mobile 
phone insurance policies. The FCA’s investigation found that around 6000 cus- 
tomers had been unfairly denied cover for claims for loss or theft if they had failed to 
comply with a requirement to download and install a Mobile Rescue App; that in 
many of the 3171 claims declined on suspicion of fraud there had been insufficient 
evidence to support such suspicions due to an overreliance on voice analytics 
software; and that approximately 1707 customers had been unfairly denied cover 
through the inappropriate use of a policy exclusion for unattended loss. Based on 
these findings, the FCA investigation determined that Liberty had failed to comply 
with its obligations under ICOBS 8.1.1R to handle claims promptly and fairly, and to 
not unreasonably reject claims. 

The FCA also found that Liberty had failed to ensure that the third party had 
adequate complaint handling processes in place, noting with concern that the great 
majority of the 1627 customers who complained about denials of cover for late 
notification of their claim or for failure to install the Mobile Rescue App had the 
original decision overturned. These failings meant that Liberty had failed to adhere 
to its obligations DISP 1.3.1R and 1.4.1R discussed above, as well as its obligations 
under SYSC 3.1.1R, which requires firms to establish and maintain appropriate 
systems and controls.'° 

More recently, on 19 March 2020, the FCA outlined set out its expectation of 
firms when handling insurance claims in the context of the COVID-19 pandemic. 
Emphasising the importance of treating customers fairly, the FCA made clear that it 
expected firms to clearly communicate policy exclusions, and to take a more flexible 
approach to motor and home property claims given the increased number of con- 
sumers working from home.’ 

In summary, this part has shown how in the FCA is empowered to regulate the 
handling of insurance claims in the United Kingdom in accordance with the stan- 
dards envisaged in ICP 19.10. The following part of the chapter and discusses how 
significant reforms in Australia now provide for the effective regulation of all parties 
involved in the handling of insurance claims in accordance with the ICP 19.10 
standards. 


16 Financial Conduct Authority (29 October 2018) Press Release ‘The FCA has fined Liberty 
Mutual Insurance Europe SE £5.2 million for failures in its oversight of mobile phone insurance 
claims and complaints handling’. See also Financial Conduct Authority (29 October 2018) Final 
Notice - Liberty Mutual Insurance Europe SE. 

'7Financial Conduct Authority, Press Release ‘Insurance and coronavirus (Covid-19): our expec- 
tations of firms’ 19 March 2020. 
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4 The Evolution of the Australian Legal Framework 
Relating to Insurance Claims Handling 


4.1 Australian Insurance Contract Law Relating to Claims 
Handling 


Since | January 1986, most classes of insurance contracts in Australia have been 
governed by the Insurance Contracts Act 1984 (Cth) (the ICA).!® The ICA regulates 
the relationship between insurers and insureds’? throughout the life cycle of a 
contract of insurance. It includes provisions governing pre-contractual disclosure, 
the ability of insurers to refuse (or limit their liability) when determining claims, and 
the circumstances under which insurers may cancel contracts. 

Section 13 of the ICA imposes duties of utmost good faith on both parties to 
insurance contracts. Whilst the meaning of the generalised duty of utmost good faith 
is challenging to conclusively define—and will depend on the circumstances of each 
case—it has been noted to encompass notions of fairness, reasonableness and 
community standards of decency and fair dealing, and require both parties to an 
insurance contract to have due regard to the interests of the other party.*° 

A leading Australian insurance lawyer has helpfully described the duty of utmost 
good faith under the ICA as consisting of four quadrants.*' The first of these 
quadrants concerns the insured’s pre-contractual obligations, which under Part IV 
of the ICA require the insured to disclose” (and not misrepresent”) information that 
is relevant to the risk to be transferred. The ICA includes specific Part IV of the ICA 
also provides remedies for insurers in cases where the insured has failed to comply 
with the duty of disclosure.** The second quadrant is the insurer’s pre-contractual 
obligations, with Part IV of the ICA requiring the insurer to clearly inform the 


'8The exceptions to the application of the ICA include contracts of marine insurance, insurance that 
is required under state or territory legislation (including workers compensation and compulsory 
third-party insurance for motor vehicles), private health insurance and reinsurance. 

The terms ‘policyholder’, ‘consumer’ and ‘insured’ are used interchangeably in this chapter. 

20 Enright and Merkin (2015), pp. 471-476. 


?l These ‘four quadrants’ of utmost good faith were first conceptualised by Mann (2016), 
pp. 176-184. 

?2 Insurance Contracts Act 1984 (Cth) s 21. 

3 Insurance Contracts Act 1984 (Cth) s 26. Under amendments to the Insurance Contracts Act 
1984 (Cth) which took effect on 1 January 2021, when entering into a ‘consumer insurance 
contracts’ (defined in s 11AB as ‘a contract of insurance obtained wholly or predominantly for 
the personal, domestic or household purposes of the insured’) the insured’s pre-contractual obliga- 
tions under s 20B are to take reasonable care not to make a misrepresentation to the insurer before 
the relevant contract of insurance is entered into. 

*4These remedies are set out in Insurance Contracts Act 1984 (Cth) s 28 (for contracts of general 
insurance) and in s 29 (for contracts of life insurance). 


Recent Directions in the Regulation of Insurance Claims Handling in the. . . 271 


insured in writing of the duty of disclosure before the insured enters into an 
insurance contract.”° 

The third quadrant of utmost good faith focuses on the insured’s post-contractual 
obligations after an insurance policy comes into effect. Section 54 of the ICA 
provides remedies to insurers that have been prejudiced by the insured’s failure to 
comply with terms of an insurance contracts—which may involve the insurer 
reducing its liability in respect of the insured’s claim or avoiding the claim in its 
entirety. Section 56 of the ICA also provides remedies to the insurer in the event of 
fraudulent claims. The fourth quadrant of utmost good faith relates to the insurer’s 
post-contractual conduct—which in most cases concerns the insurer’s conduct in 
handling claims (the focus of the present chapter). 

Section 14 of the ICA prevents parties to a contract of insurance from relying on a 
provision of the contract except in the utmost good faith, and to date s 15 of the ICA 
has provided that relief under other legislation does not apply to contracts of 
insurance governed by the ICA. Whilst to date this has meant that the unfair contract 
terms regime under the Australian Securities and Investments Commission Act 2001 
(Cth) (the ASIC Act)—which renders void unfair contractual terms that cause a 
significant imbalance in the contracting parties’ rights and obligations—has thus far 
not applied to insurance contracts, as Sect. 5.2 below discusses the recommendations 
by the 2019 FSRC for extending the unfair contract terms regime to apply to 
insurance contracts subject to the ICA. 

Over the recent years, there have been an increasing number of cases in which 
aggrieved policyholders have challenged the decision-making processes of insurers 
in refusing their claims. In several cases aggrieved policyholders have questioned the 
insurers’ adherence to the duty of utmost good faith under s 13 of the ICA— 
particularly in cases where the insurers were not open and frank in their dealings 
with the insureds. The decisions of Australian courts on such challenges have 
progressively clarified the standards expected of insurers when determining claims. 

The leading Australian decision on s 13 of the ICA is CGU Insurance Ltd v AMP 
Financial Planning Pty Ltd [2007] HCA 36. During 1999 two representatives of the 
financial services company AMP had acted outside the terms of their respective 
authorities, resulting in losses for their clients. AMP then faced pressure from the 
corporate regulator ASIC*® to devise a protocol for settling claims by the affected 
clients in a timely manner. However, AMP’s professional indemnity policy with 
CGU prevented it from admitting liability or settling claims without obtaining the 
CGU’s written consent, and also required AMP’s liabilities to clients (and hence its 
right to indemnity under the policy) to be conclusively established by advice from a 
senior counsel. Whilst CGU indicated through its lawyers that it ‘agreed in principle’ 
to the protocol for compensating the affected clients, it also advised that it reserved 
its decision on its liability to indemnify AMP and advised AMP to act as a ‘prudent 
uninsured’. After almost two years of delays and changes of lawyers, CGU refused 


25 Insurance Contracts Act 1984 (Cth) s 22. 
26 ASIC’s role in regulating the Australian financial services industry is discussed below at Sect. 4.2. 


272 R. Bowley 


AMP’s claim. Following a succession of legal proceedings, the majority of the High 
Court of Australia upheld CGU’s refusal of AMP’s claim due to its failure to comply 
with the policy’s requirement to obtain CGU’s consent before settling the clients’ 
claims. However, in his dissenting judgement Kirby J was highly critical of CGU’s 
failure ‘to act with clarity, candour and decisiveness’, as well as what he 
characterised as the ‘dilatory, prevaricating, confused, uncertain, inattentive and 
misleading way in which, over two years, CGU, with its four successive firms of 
solicitors, delayed and postponed its decision to deny indemnity’. Whilst the High 
Court found by a 4:1 majority that CGU had not breached its duty of utmost good 
faith in its refusal of AMP’s claim, in other cases Australian insurers have been 
found to have breached this duty in their determination of claims. 

In the field of Total and Permanent Disability (TPD) insurance there have been 
several cases where insurers have been found to be in breach of their duty of utmost 
good faith in determining claims. In Australia TPD insurance policies are commonly 
arranged on a ‘group insurance’ basis by trustees of superannuation funds to provide 
benefits for incapacitated members of the fund. Whilst such claimants are not parties 
to the insurance contract arranged between the superannuation fund trustee and the 
insurer, Australian courts have recognised that insurers’ duties of utmost good faith 
also extend to third party claimants.” This position was confirmed through amend- 
ments to the ICA in 2013,*° which extended insurers’ duties of utmost good faith to 
third party beneficiaries.*! 

Whilst TPD definitions vary between insurers, one typical example of the criteria 
that must be satisfied for TPD benefits to be payable is that ‘the Insured Person is 
unable to follow their usual occupation by reason of an accident or illness for six 
consecutive months and in our opinion, after consideration of medical evidence 
satisfactory to us, is unlikely ever to be able to engage in any Regular Remuneration 
Work for which the Insured Person is reasonably fitted by Education, Training or 
Experience’ s 

Determining claims for TPD benefits can be a complex process for insurers, 
requiring the evaluation of sometimes conflicting evidence from medical specialists, 
allied health professionals, investigative surveillance and labour market analyses to 
decide whether a claimant has satisfied the applicable TPD definition. If an insurer’s 


?7 CGU Insurance Ltd v AMP Financial Planning Pty Ltd (2007) 235 CLR 1; 14 ANZ Ins Cas 
61-739; [2007] HCA 36 at [72]. 

?8 CGU Insurance Ltd v AMP Financial Planning Pty Ltd (2007) 235 CLR 1; 14 ANZ Ins Cas 
61-739; [2007] HCA 36 at [139]. 

°° For an overview of these cases see Bowley (2016), pp. 194-213. 

30 For an overview of the 2013 reforms to the ICA, see Box and Webster (2013), pp. 114-119; Tarr 
(2015), pp. 68-74. 

3! Insurance Contracts Act 1984 (Cth) s 13(4). Since 2013 s 11 of the ICA has defined a ‘third party 
beneficiary’ as a person who is not a party to the contract but is specified or referred to in the 
contract, whether by name or otherwise, as a person to whom the benefit of the insurance cover 
provided by the contract extends. 

3? Hannover Life Re of Australasia Ltd v Dargan [2013] NSWCA 57 at [16]. 
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decision-making process is found to be unreasonable, the court may determine the 
TPD claim on the available evidence.” Examples of claims handling processes that 
have been found to breach of the duty of utmost good faith have included failing to 
inform an assessing doctor of the criteria that a claimant would need to satisfy to 
qualify for TPD benefits, and refusing a request by the claimant (an accountant who 
had suffered a stroke) for access to the documentation relied upon to declining his 
claim;** failing to inform a manual worker claiming TPD benefits for a back injury 
of adverse reports from an assessing doctor and private surveillance agents that were 
relied upon to refuse his claim;*> failing to inform a manual worker with limited 
English about the information that would be required to substantiate his claim, and 
failing to give appropriate consideration to a specialist medical report that was 
favourable to the claimant;*° and providing a claimant (a police officer claiming 
for psychological injuries) with only 14 days to respond to a ‘procedural fairness’ 
letter enclosing the full volume of information relating to her claim that had been 
collected in the three years since she had lodged her claim, after having failed to 
respond to three requests by her solicitors and the trustee of her superannuation fund 
to release medical reports relating to her claim.’ 

Whilst these decisions finding insurers to be in breach of the duty of utmost good 
faith through their deficient claims handling practices have resulted from civil 
challenges by policyholders to the refusal of claims by insurers, the following 
sections outline how in in more recent years the regulators of the Australian 
insurance industry have become increasingly active in their monitoring of insurers’ 
claims handling practices. 


4.2 The Powers of the Australian Insurance Industry 
Regulators 


There are two key regulators of the Australian insurance industry, which have 
existed in their present form since 1998.°* The first of these is the Australian 


33 Lazarevic v United Super Pty Ltd [2014] NSWSC 96 at [147]. 

34 Wyllie v National Mutual Life Association of Aust Ltd (1997) 217 ALR 324 at 342; [1997] 
NSWSC 146. 

35 Sayseng v Kellogg Superannuation Pty Ltd and Anor [2003] NSWSC 945 at [93]-[97]; upheld on 
appeal: Hannover Life Re of Australasia Ltd v Sayseng (2005) 13 ANZ Ins Cas 90-123; [2005] 
NSWCA 214. 

36 Dumitrov v SC Johnson and Son Superannuation Pty Ltd and Anor [2006] NSWSC 1372. In a 
subsequent decision Gzell J awarded the claimant interest under s 57 of the ICA to compensate for 
the insurer’s unreasonable withholding of insurance monies: Dumitrov v SC Johnson and Son 
Superannuation Pty Ltd (No 2) (2007) 14 ANZ Ins Cas 61-722; [2007] NSWSC 42. 

37 Wheeler v FSS Trustee Corp Atf First State Superannuation Scheme [2016] NSWSC 534. 

38 Australia’s current regulatory system was an outcome of the Wallis Financial System Inquiry 
which was held between 1996 and 1997. The Wallis Inquiry recommended the replacement of 
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Securities and Investments Commission (ASIC), which has responsibility for the 
general administration of the ICA.” ASIC’s wide range of responsibilities include 
the regulation of Australian companies, financial markets and financial services.’ 
The focus of ASIC’s regulation of the Australian financial services industry (which 
as explained below, encompasses most forms of insurance) is on consumer protec- 
tion, ensuring accurate disclosure for consumers and investors, and licensing pro- 
viders of financial services. As also explained below, ASIC has a wide range of 
powers to investigate and take enforcement action in response to suspected 
non-compliance with the various laws that it administers, and it also publishes 
extensive regulatory guidance for the sectors that it oversees.“ 

The other regulator of the Australian insurance industry is the Australian Pru- 
dential Regulation Authority (APRA). In comparison to ASIC’s focus on consumer 
protection, APRA focuses on the prudential regulation of Australian financial 
institutions (including general and life insurers) to ensure they remain financially 
viable and able to satisfy their obligation to policyholders. As part of this prudential 
regulatory role, the Financial Sector (Collection of Data) Act 2001 (Cth) enables 
APRA to collect and analyse data from the financial institutions it supervises on an 
ongoing basis. As explained below in Sect. 4.3 in recent years ASIC has worked 
collaboratively with APRA by drawing on its data collection and analysis capabil- 
ities in its reviews of the Australian insurance industry. 

Chapter 7 of the Corporations Act 2001 (Cth) (the Corporations Act) sets out an 
over-arching consumer protection regime for the Australian financial services indus- 
try. Many of the key provisions of Chapter 7 are expressed broadly, with numerous 
“carve-outs’ as exceptions in both the Corporations Act and the Corporations 
Regulations 2001 (Cth). A foundational term in Chapter 7 is the concept of a 
‘financial product’, defined in s 763A as ‘a facility through which, or through the 
acquisition of which a person makes a financial investment; manages a financial risk, 
or makes a non-cash payment’. Section 763C includes ‘taking out insurance’ as an 
example of ‘managing a financial risk’, and s 764C includes ‘contracts of insurance’ 
as ‘financial products’. Section 765A provides exceptions to these general 


Australia’s previous over-lapping and sector-specific regulatory system with the ‘twin peaks’ model 
of financial sector regulation: Wallis (1997). For an excellent overview of the evolution of the 
current regulatory arrangements for the Australian insurance industry, see Tarr (2010), 
pp. 332-350. 

3° Insurance Contracts Act 1984 (Cth) s 11A. 


40 ASIC also regulates consumer credit and business names, which are outside the scope of the 
present chapter. 

4l ASIC publishes Regulatory Guides to set out its interpretation of, and for outlining its 
recommended best practice for complying with, the various laws that it administers; and Informa- 
tion Sheets which provide concise guidance on a specific process or compliance issue or an 
overview of detailed guidance: ASIC, Regulatory Resources: https://asic.gov.au/regulatory- 
resources/. 

“? For an interesting critique of the broadly expressed nature of Chapter 7 of the Corporations Act, 
see Lewis (2004), pp. 103-134. 
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definitions by specifying the forms of insurance that are not classified as ‘financial 
products’ under Chapter Tii 

Proceeding from these definitions of ‘financial product’, s 766A explains that a 
person ‘provides a financial service’ if they (inter alia) provide financial product 
advice,** or deal in a financial product. As this definition captures the busines 
activities of most forms of insurance in Australia, under s 911A general and life 
insurers must hold an Australian Financial Services (AFS) Licence issued by 
ASIC.“ 

Section 911A imposes wide-ranging obligations on AFS licensees, which include 
ensuring that financial services are provided efficiently, honestly and fairly; com- 
plying with financial services laws; and ensuring that representatives are adequately 
trained and are competent to provide the relevant financial services.“ 

When financial services are provided to consumers (who are classified as ‘retail 
clients’ under the Corporations Act”), s 912A(1)(g) requires AFS licensees to have 
in place systems for resolving disputes. These must include internal dispute resolu- 
tion (IDR) arrangements that comply with the standards made by ASIC,** and in 
cases where a firm’s IDR processes do not result in the resolution of the consumer’s 
dispute, external dispute resolution (EDR) arrangements. The Australian Financial 
Complaints Authority (AFCA) scheme is the sole EDR body for resolving consumer 
disputes in the financial services industry. The AFCA commenced operations on 
1 July 2018 after a review of Australia’s financial services dispute resolution 
framework had recommended the replacement of the three previous EDR bodies*” 
(which were overlapping and inconsistent) with a single unified body for resolving 


“These include contracts of reinsurance; insurance provided by commonwealth, state and territory 
governments; private health insurance; and insurance entered into by the Export Finance and 
Insurance Corporation. 

4 Corporations Act 2001 (Cth) s 766B(1) defines ‘financial product advice’ as a recommendation or 
statement of opinion that is intended to influence a person in making a decision in relation to a 
financial product or class of financial products, or an interest in a particular financial product or class 
of financial products; or could reasonably be regarded as being intended to have such an influence. 
45 Corporations Act 2001 (Cth) ss 913A-913B; See also ASIC Regulatory Guide 36 ‘Licensing: 
Financial product advice and dealing (updated July 2016). 


46 Corporations Act 2001 (Cth) s 912A. 


4 Corporations Act 2001 (Cth) s 761G—which provides that a retail client is a client that does not 
qualify as a wholesale client. See also Corporations Act 2001 (Cth) s 761G(5)(b)(vii) and Corpo- 
rations Regulations 2001 (Cth) Reg 7.1.17, which explains that a general insurance product will be 
provided to a person as a ‘retail client’ if the product is a motor vehicle, home building, home and 
contents, sickness and accident, consumer credit, travel or a personal and domestic insurance 
product. 

48 ASIC’s expectations in relation to internal dispute resolution arrangements for AFS Licensees is 
set out in Regulatory Guide 271 ‘Internal dispute resolution’ (30 July 2020). 

“Prior to the formation of AFCA, Australia’s three previous EDR bodies had included the 
Financial Ombudsman Service, the Credit Ombudsman Service and the Superannuation Complaints 
Tribunal. 
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consumer disputes.” The AFCA dispute resolution process (which is funded by the 
compulsory levies on AFS licensees”') is free to consumers” and seeks to resolve 
disputes firstly through informal methods such as negotiation, or through a concil- 
iation conference.°° If these methods fail to resolve the complaint, AFCA may then 
proceed to make a final determination in relation to the complaint, which is binding 
on the AFCA member.** Under Part 7.10A of the Corporations Act, AFCA is 
subject to oversight by ASIC and must report matters including serious contraven- 
tions of the law and systemic issues.” 

A significant focus of ASIC’s consumer protection efforts is on ensuring com- 
plete and accurate disclosure about financial products when these are sold retail 
clients. In most cases, a Product Disclosure Statement which clearly sets out the key 
terms and conditions of the insurance contract, including the policy wording.”° must 
be provided to the retail client either by the insurer,” or by their insurance broker or 
financial adviser.°* ASIC utilises a risk-based approach to monitor the adequacy of 
Product Disclosure Statements in informing consumers about the terms and condi- 
tions of financial products.°” 

Chapter 7 of the Corporations Act includes provisions that prohibit dishonest 
conduct and misleading or deceptive conduct’ in relation to financial products or 
financial services. These provisions are paralleled in the ASIC Act, which also 
includes prohibitions on misleading or deceptive conduct™ and false or misleading 
representations® in relation to financial services. 


5°Ramsay et al. (2017). 


51 Under Corporations Act s 912A(2) all AFS licensees that provide financial services to retail 
clients must be members of the AFCA scheme. 


5? Australian Financial Complaints Authority, Funding - https://www.afca.org.au/about-afca/ 
corporate-information/funding. 


53 Australian Financial Complaints Authority, Complaint Resolution Scheme Rules (25 April 2020), 
Rule A.8.1. 


54 Australian Financial Complaints Authority, Complaint Resolution Scheme Rules (25 April 2020), 
Rule A.15. 


See ASIC (July 2018) Regulatory Guide 267 ‘Oversight of the Australian Financial Complaints 
Authority’. 
38 Corporations Act 2001 (Cth) s 1012D; Corporations Regulations 2001 (Cth) Reg 7.9.15 D-F. 


57In cases where the contract of insurance is issued directly by the insurer: Corporations Act 2001 
(Cth) s 1012B. 


58 In cases where the retail client has been provided with personal advice (which considers a client’s 
person’s objectives, financial situation and needs) before entering into the relevant contract of 
insurance Corporations Act 2001 (Cth) s 1012A. 


°° For an overview of ASIC’s approach to monitoring disclosure about financial products, see ASIC 
(October 2011) Regulatory Guide 168 Disclosure: Product Disclosure Statements and other dis- 
closure obligations. 


°° Corporations Act 2001 (Cth) s 1041G. 
6l Corporations Act 2001 (Cth) s 1041H. 
© Australian Securities and Investments Commission Act 2001 (Cth) s 12DA. 
6 Australian Securities and Investments Commission Act 2001 (Cth) s 12DB. 
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ASIC utilises a range of measures to regulate the financial services industry, 
including engagement with the industry and other stakeholders, consumer education, 
the development of regulatory guidance, targeted surveillance to assess compliance, 
and formal enforcement action. ASIC has extensive powers to monitor and enforce 
compliance with the legislation it administers. These include the powers to conduct 
examinations of individuals;%* obtain records relating to financial products® and 
financial services;°° and apply for warrants to enter premises to obtain records.” 
ASIC may also direct AFS licensees to provide written statements about the financial 
services they provide.®* 

Depending on its assessment of the seriousness of breaches that come to its 
attention, there are a range of regulatory enforcement tools that ASIC may utilise. 
ASIC’s enforcement strategies encapsulate the principles of ‘responsive regulation’, 
which combines both compliance and deterrence through an ‘enforcement pyramid’ 
of progressively more punitive measures in response to breaches of the law.’° Whilst 
to date the bulk of ASIC’s enforcement actions have tended to be at the lower levels 
of the enforcement pyramid, as Sect. 5.2 explains the recommendations from the 
2019 FSRC have urged ASIC to firstly ask the question ‘why not litigate?’ when 
taking enforcement strategies in response to future instances of misconduct in the 
financial services industry. 

At the lowest level of the enforcement pyramid, ASIC may issue informal 
warnings or recommendations for changing business practices.’’ In situations 
where ASIC is satisfied that a regulated entity is willing and capable of 
implementing appropriate measures to ensure compliance with the law and/or to 
compensate adversely impacted persons, ASIC may consider entering into an 
enforceable undertaking as an alternative to formal administrative or civil action.’ 

The next level up on the ‘enforcement pyramid’ are administrative actions against 
regulated entities and individuals.” Examples of administrative actions include the 
powers to suspend or cancel AFS Licences;”* the power to ban individuals from 


& Australian Securities and Investments Commission Act 2001 (Cth) s 19. 

© Australian Securities and Investments Commission Act 2001 (Cth) s 31. 

6 Australian Securities and Investments Commission Act 2001 (Cth) s 32A. 

®© Australian Securities and Investments Commission Act 2001 (Cth) ss 35-36A. 

68 Corporations Act 2001 (Cth) s 912C. 

© See ASIC (September 2013) Information Sheet 151 ASIC’s approach to enforcement. 
71 egg and Speirs (2019), pp. 244-246. 


7l For an overview of the factors that ASIC would ordinarily consider in determining whether to 
enter into an enforceable undertaking, see ASIC Information Sheet 151 (September 2013) ‘ASIC’s 
approach to enforcement’ and ASIC (February 2015) Regulatory Guide 100 Enforceable 
Undertakings. 

7? Australian Securities and Investments Commission Act 2001 (Cth) s 93AA; see also ASIC 
(February 2015) Regulatory Guide 100, Enforceable Undertakings. 

73 ASIC (30 July 2013) Regulatory Guide 98 Licensing: Administrative action against financial 
services providers. 


74 Corporations Act 2001 (Cth) s 915C. 
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providing financial services;’° and issuing infringement notices under the ASIC Act 
2001.’° In contrast to civil litigation and criminal prosecutions, decisions to impose 
administrative sanctions are made within ASIC by authorised delegates, after pro- 
viding the regulated entity or individual with the opportunity for a hearing.” 

The higher levels of the enforcement pyramid involve ASIC pursuing action 
through the courts, which can include civil litigation such as seeking injunctions’® 
and/or the pursuit of recovery actions.” For more serious breaches of the law which 
adversely impact on consumers and/or investors, ASIC may pursue proceedings for 
the imposition of civil penalties. Section 1317E designates a number of provisions of 
the Corporations Act as ‘civil penalty provisions’, and when a court declares a 
contravention of a civil penalty provision it may impose a range of penalties. 
These include pecuniary penalty orders,*” compensation orders?! and/or orders 
disqualifying a person from specified roles such as managing a company or provid- 
ing financial services for the period that it considers appropriate.** Civil penalties 
were introduced into Australian corporate legislation in the 1990s to expand the 
enforcement powers of regulatory authorities such as ASIC and its predecessors by 
providing an alternative to pursing criminal prosecutions (which involve the very 
high standard of proof beyond reasonable doubt. By contrast the civil standard of 
proof of the balance of probabilities applies to civil penalty proceedings. Civil 
penalties are intended to have both a deterrent effect both specifically (through 
punishing the offending individual or entity through the imposition of fines and/or 
disqualification orders) and generally (through providing high profile examples of 
punishment for wrongful conduct to the relevant regulated sectors)."? 

Reforms to the ICA which took effect from 12 March 2019 have enabled ASIC to 
pursue civil penalty proceedings for contraventions of designated provisions of the 
ICA, including the duty of utmost good faith under s 13. As discussed in Sect. 5, 
recent reforms resulting from the recommendations of the 2019 FSRC report which 
took effect from 1 January 2021 have introduced civil penalties for a range of other 
legislative provisions relating to insurance claims handling. 


15 Corporations Act 2001 (Cth) s 920A. 


76 Australian Securities and Investments Commission Act 2001 (Cth) s 12GX; See also ASIC’s 
infringement notices register http://asic.gov.au/about-asic/asic-investigations-and-enforcement/ 
infringement-notices/. 


77 ASIC’s practice in relation to administrative hearings is set out in ASIC (March 2002) Regulatory 
Guide 8 ‘Hearings practice manual’. 


78 Corporations Act 2001 (Cth) s 1324. 

™ See for example Australian Securities and Investments Commission Act 2001 (Cth) s 50. 

80 Corporations Act 2001 (Cth) s 1317G. 

8! Corporations Act 2001 (Cth) s 1317H (in relation to corporation / scheme civil penalty pro- 
visions) and s 1317HA (in relation to financial services civil penalty provisions). 

82 Corporations Act 2001 (Cth) s 206C. 


83For an overview of the evolution of the Australian civil penalties regime, see Comino (2015), 
pp. 141-171. 
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In the most serious cases, ASIC may refer matters to the Commonwealth Director 
of Public Prosecutions, which may prosecute under both commonwealth and state 
and territory legislation.** 

The following Sect. 4.3 explains how ASIC has become increasingly active in its 
monitoring of the practices of the Australian insurance industry over the recent 
years. Although since 2013 s 14A of the ICA has empowered ASIC to suspend, 
cancel or impose conditions on AFS licenses in cases where an insurer has failed to 
comply with the duty of utmost good faith in the handling or settlement of claims, to 
date it has been limited in its ability to seek the imposition of civil penalties in cases 
where an insurer has engaged in unfair conduct in the determination of a claim. In 
comparison to the selling of insurance (which has been designated as a financial 
service? since the inception of the Corporations Act in 2001), s 766A(2) of the 
Corporations Act has to date exempted ‘handling insurance claims’ from the ambit 
of ‘financial services’. Until 1 January 2021, Regulation 7.1.33 of the Corporations 
Regulations 2001 (Cth) explained this exemption as encompassing the handling 
and/or settling of actual and potential claims, and provided non-exhaustive list of 
examples of such services as negotiations of settlement amounts; interpretation of 
relevant policy provisions; estimates of loss or damage; estimates of value or 
appropriate repair; recommendations on mitigation of loss; recommendations on 
changing cover limits; and claims strategy such as the making of claims under 
alternate policies.*° However, as Sect. 5.2 explains, the FSRC has made recommen- 
dations to remove this exception. 

In addition to the legal requirements set out in the ICA and the Corporations Act, 
codes of practice have progressively developed as an important source of self- 
regulation for the Australian insurance industry. Since 1994 there have been various 
iterations of the General Insurance Code of Practice, with the most recent iteration 
coming into effect on 1 January 2020.8’ The General Insurance Code of Practice is 
subscribed to by the majority of Australia’s general insurers and sets out standards of 
business practice for insurers to adhere to when selling insurance; when issuing 
policies (and explaining the basis for rejecting applications for policies); determining 
claims (including timeframes and special arrangements in response to catastrophes); 
and when dealing with complaints and disputes. Codes of practice for the Australian 
life insurance industry have been developed over more recent years, covering similar 
issues to the General Insurance Code of Practice. These include the Life Insurance 
Code of Practice developed by the Financial Services Council which came into 


84See Memorandum of Understanding: Australian Securities and Investments Commission and 
Commonwealth Director of Public Prosecutions — 1 March 2006, which is accessible at https:// 
download.asic.gov.au/media/3343247/asic-cdpp-mou-march-2006.pdf. 

85 Corporations Act 2001 (Cth) ss 766A and 766B. 

86 Corporations Regulations 2001 (Cth) Reg 7.1.33. 

87Isurance Council of Australia, General Insurance Code of Practice, 1 January 2020. See http:// 
codeofpractice.com.au/2020/10/ICA001_COP_Literature_Code_OnScreen_RGB_DPS_10.2_ 
LR2.pdf. 
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operation on 1 July 2017,°° and the Association of Superannuation Funds of 
Australia’s Insurance in Superannuation Voluntary Code of Practice, which com- 
menced on 1 July 2018.*° Whilst to date breaches of the provisions of these industry 
codes of practice have only been enforceable by the respective code governance 
committees (which are empowered to impose such sanctions as they see fit), as Sect. 
5.2 explains reforms that took effect from 1 January 2021 to implement the recom- 
mendations of the 2019 FSRC now enable ASIC to pursue a variety of enforcement 
measures in the event of breaches of the provisions of financial services industry 
codes of practice. 


4.3 Reviews of Insurance Claims Handling Practices by 
Australian Regulators 


Over the recent years, ASIC and APRA have increased their scrutiny of the claims 
handling practices of Australian insurers. In response to media reports about the 
practices of life insurer CommInsure (including reliance on outdated medical defi- 
nitions to deny claims; assessing doctors being pressured to change their reports; and 
the delaying of claims”’) in 2016 ASIC reviewed the claims handling practices of 
Australian life insurers. Whilst ASIC’s Report 498 on this review did not identify 
evidence of industry-wide misconduct, it noted with concern that declined claims 
were higher for policies that were sold directly to consumers in comparison to those 
that were sold through adviser channels. Report 498 also identified the need for more 
detailed, consistent and transparent data about life insurance claims to better enable 
consumers to compare performance indicators between insurers. As an example of 
good practice Report 498 pointed to the Association of British Insurers’ practice of 
publishing claims payout rates each year, which ASIC noted as having prompted 
standardisation of policy definitions and improved transparency for consumers.”! 
Over the next two years, ASIC and APRA worked collaboratively to improve the 
consistency in the data about life insurance claims,’ and in March 2019 the 


88Financial Services Council, Life Insurance Code of Practice, 2017. See https://www.fsc.org.au/ 
policy/life-insurance/code-of-practice/. 

3 Association of Superannuation Funds of Australia, Insurance in Superannuation Voluntary Code 
of Practice, 1 July 2018 https://www.superannuation.asn.au/policy/insurance-in-superannuation- 
voluntary-code-of-practice; see also ASIC (13 December 2019) Report 646 ‘Insurance in Super- 
annuation 2019-20: Industry implementation of the Voluntary Code of Practice’. 

°° See for example Sarah Ferguson ‘Money for Nothing’ ABC News 7 March 2016 http://www.abe. 
net.au/4corners/money-for-nothing-promo/7217116. 


°! ASIC (12 October 2016) Report 498 ‘Life insurance claims: An industry review’, 6-7. 


°? ASIC ‘APRA and ASIC publish key industry data on life insurance claims’ (Media Release 
17-43MR, 9 November 2017). 
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regulators published their first joint report on life insurance claims and dispute 
statistics.” 

In October 2019, ASIC published Report 633 which set out the findings from its 
review of over 35,000 TPD claims lodged in 2016 and 2017 with seven of 
Australia’s largest life insurers.°* ASIC noted with concern the widespread use of 
restrictive definitions in policies which only provided benefits to claimants that were 
unable to undertake the activities of daily living, which was a factor in nearly a third 
of declined TPD claims.’ ASIC and APRA published a further report on life 
insurance claims data in June 2019 which summarised the percentage of claims 
accepted, the length of time taken to pay claims, the number of disputes and policy 
cancellation rates for life insurance claims lodged in 2018. Similarly to its findings in 
Report 498 this review found declined claims were higher in policies that were sold 
directly to consumers than in the case of policies arranged by financial advisors. ”° 

In July 2019, ASIC published the findings of its review of industry practices for 
investigating motor vehicle claims lodged between September 2016 and September 
2017.” For this review, ASIC examined the records of five insurers accounting for 
62% of written premiums in the general insurance market, and also interviewed 
policyholders whose claims had been investigated. The concerning practices iden- 
tified by ASIC including delays in the resolution of claims; the failure to inform 
claimants about the investigation process and their rights to make complaints; the 
practice of requesting onerous amounts of information from claimants’ and several 
examples of unfair practices by claims investigators.” ASIC’s report concluded with 
several recommendations to improve claims handling practices, including a four- 
month timeframe for finalising claims. ASIC also warned that in future cases where 
it identified poor claims handling practices it would consider using its various 


°3 ASIC ‘APRA and ASIC publish world-leading life insurance data’ (Media release 19-O070MR, 
29 March 2019). 


°4 ASIC (17 October 2019) Report 633 ‘Holes in the safety net: A review of TPD insurance claims’. 
° ASIC (17 October 2019) Report 633 ‘Holes in the safety net: A review of TPD insurance claims’ 
(17 October 2019), 31-47; 86-96. 

°° ASIC ‘APRA and ASIC publish latest data on life insurance claims and disputes’ (Media Release 
19-160MR, 27 June 2019). 

°7 ASIC (4 July 2019) Report 621 Roadblocks and roundabouts: A review of car insurance claim 
investigations. 

°8Examples of information requested from some claimants included criminal record checks, social 
media histories, birth certificates, telephone and text message records, financial statements for each 
of their bank and loan accounts and information about family members and friends. ASIC’s review 
noted that one insurer required some consumers to provide telephone records with an annotated 
explanation for each call: ASIC Report 621 ‘Roadblocks and roundabouts: A review of car 
insurance claim investigations’ (4 July 2019), 9. 

°° Examples of the harmful investigative practices included the use of lengthy interviews, contacting 
claimants at irregular hours and interviewing some claimants in their homes: ASIC (4 July 2019) 
Report 621 ‘Roadblocks and roundabouts: A review of car insurance claim investigations’, 7. 
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enforcement powers, including the power to pursue civil penalty proceedings for 
breaches of the s 13 duty of utmost good faith. "°° 

In addition to the reviews of claims handling practices discussed above, ASIC has 
conducted a number of reviews of industry practices in the selling of insurance.'°! 
ASIC also conducted a more broadly-focused review of corporate governance 
practices of seven of Australia’s largest financial institutions in 2018, which included 
four banks, one general insurer and two large diversified financial institutions (one of 
which issued life insurance), and released its findings from this review in Report 
631 in October 2019.'°? ASIC’s review focused on the oversight by directors and 
officers of non-financial risk—which ASIC’s review defined as encompassing 
operational risk,!°? compliance risk'®* and conduct risk." In its report ASIC 
emphasised the importance of directors formulating clear ‘risk appetite statements’ 
with both leading and lagging indicators, and holding management to account 
against the metrics in such risk appetite statements.'°° Report 631 also highlighted 
the important role of board risk committees in ensuring the timely flow of material 
information to boards about non-financial risk matters. "° 

It is also relevant to note that under s 180 of the Corporations Act, directors and 
officers of Australian corporations "° have generalised obligations to discharge their 
duties with the degree of care and diligence that a reasonable person would exercise 
if they had the same responsibilities in a corporation in similar circumstances. 
Contraventions of s 180 may be attract civil liability (for example, claims for 


100 Insurance Contracts Act 1984 (Cth) Part IXA - Enforcement. 


101 See for example ASIC (October 2014) Report 415 ‘Review of the sale of home insurance’; ASIC 
(February 2016) Report 470 ‘Buying add-on insurance in car yards: Why it can be hard to say no’; 
ASIC (September 2016) Report 492 ‘A market that is failing consumers: The sale of add-on 
insurance through car dealers’; and ASIC (11 July 2019) Report 622 ‘CCI Poor value products 
and harmful sales practices’. 

102 ASIC (October 2019) Report 631, Corporate Governance Taskforce: Director and officer 
oversight of non-financial risk report. 

103 ASIC defined ‘operational risk’ as encompassing the risk of loss resulting from inadequate or 
failed internal processes, people and systems or from external events, and explained that it included 
legal risk but excluded strategic and reputational risk. 

104 ASIC defined ‘compliance risk’ as encompassing the risk of legal or regulatory sanctions, 
material financial loss or loss to reputation an organisation may suffer as a result of its failure to 
comply with laws, regulations, rules, related self-regulatory organisation standards and codes of 
conduct applicable to its activities. 

105 ASIC defined ‘conduct risk’ as encompassing the risk of unethical or unlawful behaviour on the 
part of an organisation’s management or employees. 

106 ASIC (October 2019) Report 631, Corporate Governance Taskforce: Director and officer 
oversight of non-financial risk report, 11-24. 

107 ASIC (October 2019) Report 631, Corporate Governance Taskforce: Director and officer 
oversight of non-financial risk report, 26-50. 

'08Under the Insurance Act 1973 (Cth), which regulates the authorisation by APRA of general 
insurers, and the Life Insurance Act 1995 (Cth), which regulates the authorisation by APRA of life 
insurers, insurers must be registered Australian corporations to carry on an insurance business in 
Australia. 
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damages by members, creditors and/or other affected persons) and also be subject to 
civil penalty proceedings by ASIC.'° All decisions thus far by Australian courts on 
alleged breaches of s 180 have related to financial liabilities incurred by the relevant 
companies—particularly the failure by listed companies to disclose market-sensitive 
information to financial markets such as the Australian Securities Exchange in a 
timely manner. However, in light of both the enhanced focus by ASIC on the 
oversight of non-financial risk by directors and officers of financial institutions, 
and as Sect. 5.2 discusses, ASIC’s ‘why not litigate?’ mantra following the recom- 
mendations of the 2019 FSRC, it is quite possible that the coming years may see 
decisions by Australian courts on the duties of directors and officers in relation to the 
oversight of non-financial risk. 


5 The 2019 FSRC: Key Findings and Reform 
Recommendations 


On 1 December 2017, in response to widespread reports of misconduct within the 
Australian financial services industry, the federal government announced the 
appointment of former High Court of Australia judge the Honourable Kenneth 
Hayne AC QC to chair a Royal Commission into Misconduct in the Banking, 
Superannuation and Financial Services Industry. Following seven rounds of hear- 
ings throughout 2018 involving the examination of over 130 witnesses and the 
review of over 10,000 public submissions, Commissioner Hayne presented his 
final report to the Federal Treasurer on 1 February 2019, which was made public 
on 4 February 2019. Whilst the final report of the FSRC identified numerous 
instances of misconduct within Australian banks and superannuation funds (includ- 
ing the charging of fees on the accounts of deceased customers, delays in reporting 
breaches to regulators and pressure selling), the discussion below focuses on the 
findings of misconduct within Australian insurers. 


5.1 FSRC Findings in Relation to Insurance Claims 
Handling and ASIC’s Enforcement Practices 


In its sixth round of hearings, the FSRC examined the practices of Australian general 
and life insurers across all stages of the insurance process from design and sale of 
insurance products to the handling of insurance claims. In relation to the design of 
insurance products, the FSRC identified several examples of policies with outdated 
definitions and/or overly restrictive exclusions, which lessened the circumstances 
under which consumers might be entitled to successfully claim on such policies. The 


‘Under s 1317E of the Corporations Act 2001, s 180 is a designated civil penalty provision. 
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FSRC also identified several instances of problematic selling of insurance products, 
including misrepresentations or omissions about policy premiums and/or payment 
arrangements, and pressure selling whereby sales agents did not provide consumers 
with sufficient opportunities to review policy documents before committing to 
purchase insurance products. 

The final report of the FSRC included three case studies of unsatisfactory claims 
handling practices. The first of these case studies concerned the practices of TAL 
Life Ltd in handling claims under income protection policies. These included the 
excessive use of private surveillance; bullying tactics and offensive communications 
with claimants; and misuse of daily activities diaries by claimants. The FSRC also 
found that TAL had failed to provide several claimants with an adequate opportunity 
to respond to the proposed declinature of their claims; that its IDR processes lacked 
independence from its claims management functions; and that it had failed to engage 
with the former Financial Ombudsman Service!” in an open and cooperative 
manner.'!! 

The FSRC’s final report included two case studies of misconduct in the handling 
of general insurance claims. The first of these case studies concerned the insurer 
Youi Pty Ltd which had failed to exercise appropriate oversight of a builder that it 
had engaged to repair a policyholder’s house in the NSW mining town of Broken 
Hill following a hailstorm. The delays in repairing the hail-damaged property (which 
totalled almost two years) had left the pregnant homeowner exposed to lead dust. In 
another claim following a tropical cyclone, Youi had failed to ensure the completion 
of repairs to the damaged house of a policyholder’s house, and had also failed to 
arrange emergency accommodation for the policyholders in a timely manner. These 
omissions lead Commissioner Hayne to conclude that Youi had breached several 
provisions of the General Insurance Code of Practice in force at the time.''* 

The second of the FSRC’s general insurance claims handling case studies exam- 
ined the practices of insurer AAI Ltd (AAT) in handling of a claim for storm damage. 
The FSRC found that AAI had breached several provisions of the General Insurance 
Code of Practice that required it to handle claims in an honest, fair, transparent and 
timely manner; and other Code provisions requiring it to keep the policyholders 
updated about the progress of their claim. Commissioner Hayne also condemned 
AAI for its failures to properly inform the policyholders about its internal dispute 
resolution processes—noting that whilst AAI had initially offered to settle the 
policyholders’ claim for $30,000, the former Financial Ombudsman Service later 
awarded the policyholders $744,000 for the cost of repairing their house." "°? 

The final report of the FSRC was also highly critical of ASIC’s tendency to 
respond to instances of misconduct in the Australian financial services industry by 


110 As explained in Sect. 4.2, the functions of the former Financial Ombudsman Service were 
assumed by the Australian Financial Complaints Authority on 1 July 2018. 


111 Hayne (2019). Volume 2: Case Studies, pp. 331-352. 
11? Hayne (2019). Volume 2: Case Studies, pp. 415-431. 
113 Hayne (2019). Volume 2: Case Studies, pp. 445-455. 
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resorting to enforcement measures at lower levels of the enforcement pyramid such 
as enforceable undertakings and infringement notices. As Commissioner Hayne put 
it: 
It is wholly consistent with the analyses that are expressed by the metaphor of the regulatory 
pyramid, that serious breaches of law by large entities call for the highest level of regulatory 
response. And that is what has been missing ... Too often serious breaches of law by large 
entities have yielded nothing more than a few infringement notices, an enforceable under- 


taking not to offend again (with or without an immaterial “public benefit payment”) or some 
agreed form of media release.''* 


Commissioner Hayne therefore recommended that when determining the 
enforcement action(s) to take in response to future instances of misconduct in the 
financial services industry, ASIC’s first question should be: ‘Why not litigate?’.'!° 
ASIC accepted Commissioner Hayne’s recommendations by revising its enforce- 
ment strategy to involve greater use of court-based sanctions.''° 

Commissioner Hayne referred a total of 17 instances of misconduct to ASIC for 
further investigation, which included the misconduct by Youi in its handling of 
general insurance claims, and by TAL in its handling of life insurance claims 
discussed above. ASIC subsequently commenced proceedings against both insurers 
in the Federal Court of Australia (the Federal Court). 

On 27 November 2020, Chief Justice Allsop declared that Youi had breached its 
duty of utmost good faith under s 13 of the ICA through its failure to exercise 
appropriate oversight of the contracted builder in its handling of the Broken Hill hail 
damage claim that had been reviewed by the FSRC. As Youi’s misconduct had 
occurred before 13 March 2019 (when as noted in Sect. 4.1 reforms were made to the 
ICA enabling ASIC to seek pecuniary penalties for breaches of the duty of utmost 
good faith came into effect) ASIC was only able to seek declarations that Youi had 
breached the s 13 duty.'!’ 

ASIC also commenced proceedings in the Federal Court against TAL in respect 
of its handling of life insurance claims. ASIC alleged that through its misconduct 
TAL had breached its duty of utmost good faith under s 13 of the ICA, and that it had 
engaged in false or misleading conduct in breach of ss 12DA and 12DB of the ASIC 
Act, and s 1041H of the Corporations Act. In his judgement on 9 March 2021, 
Allsop CJ found that whilst ASIC’s claims of false or misleading conduct had not 
been made out. Nevertheless, his Honour found that through its failure to inform the 
policyholder that it was examining her medical history; its failure to provide her with 
the opportunity to address the material that TAL was relying upon to decline her 


114 Hayne (2019). Volume 1, p. 433. 
"15 Hayne (2019). Volume 1, p. 427. 


116 ASIC ‘ASIC update on implementation of Royal Commission recommendations’ (Media 
Release 19-035MR, 19 February 2019). 


117 Australian Securities and Investments Commission v Youi Pty Ltd [2020] FCA 1701. 
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claim; and its failure to make inquiries of her treating medical professionals, TAL 
had breached its duty of utmost good faith under s 13 of the ICA. "’ 


5.2 FSRC Reform Recommendations 


In his final report, Commissioner Hayne made a total of 76 recommendations for law 
and/or policy reform, with the Australian government accepting all these reform 
recommendations. '!? Following a consultation process during which exposure drafts 
of the new legislative provisions were released for feedback from stakeholders, these 
reforms were enacted to take effect at various times during 2021. The discussion 
below focuses on the reforms that relate most closely to insurance claims handling. 


5.2.1 Making Insurance Claims Handling a Financial Service 


A significant recommendation of the 2019 FSRC was the removal of the exemption 
of insurance claims handling from the definition of ‘financial services’ under the 
Corporations Act.'*° Commissioner Hayne accepted ASIC’s submission that ‘for 
consumers, the intrinsic value of an insurance product lies in the ability to make a 


successful claim when an insured event occurs’, 7! and from this basis reasoned that: 


There can be no basis in principle or in practice to say that obliging an insurer to handle 
claims efficiently, honestly and fairly is to impose on the individual insurer, or the industry 
more generally, a burden it should not bear. If it were to be said that it would place an extra 
burden of cost on one or more insurers or on the industry generally, the argument would 
itself be the most powerful demonstration of the need to impose the obligation. !7” 


Reforms to implement Commissioner Hayne’s recommendation for removing the 
exemption of claims handling from the ambit of ‘financial services’ under the 
Corporations Act were introduced through the Financial Sector Reform (Hayne 
Royal Commission Response) Act 2020 (Cth), with the new measures taking effect 
from 1 January 2021.'*? The explanatory memorandum to the Financial Sector 
Reform (Hayne Royal Commission Response) Bill 2020 (Cth) to implement these 
reforms explained that a person will provide a ‘claims handling service’ if the person 


118 Australian Securities and Investments Commission v TAL Life Limited (No 2) [2021] FCA 193. 


1 Department of Treasury (4 February 2019), Restoring trust in Australia’s financial system: 
Government response to the Final Report of the Royal Commission into Misconduct in the 
Banking, Superannuation and Financial Services Industry - https://treasury.gov.au/publication/ 
p2019-fsrc-response. 
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12? Hayne (2019), p. 309. 
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makes a recommendation or states an opinion that could influence a decision 
whether to make an insurance claim; assists another person to make an insurance 
claim; assesses whether an insurer is liable under an insurance product; makes a 
decision to accept or reject all or part of an insurance claim; quantifies an insurer’s 
liability under an insurance product; offers to settle all or part of an insurance claim; 
or satisfies a liability of an insurer under an insurance claim.!*4 

The explanatory memorandum went on to explain that the persons required to 
either hold an AFS Licence covering claims handling (or become an authorised 
representative of such an AFS Licensee), will include an insurer; a loss assessor or 
loss adjustor acting on behalf of an insurer; an ‘insurance fulfilment provider’ (a new 
category of persons including smash repairers, builders and any other tradespeople 
contracted by an insurer) with authority to reject all or part of a claim; an insurance 
claims manager; an insurance broker who handles an insurance claim on behalf of 
the insurer; or a financial adviser who provides claims handling services on behalf of 
the insurer. "5 

The new measures will require such authorised persons to handle and settle 
insurance claims in a timely way, without undue delay, balancing the negative 
effects of delay on consumers with the insurer’s reasonable requirements for han- 
dling an insurance claim; in the least onerous and intrusive way possible, including 
requesting information, medical examinations, surveillance and undertaking other 
assessment methods if it is strictly relevant to the claim; fairly and transparently, with 
information about the handling process, the reason for information requests, and 
reasons for decisions provided to consumers; and in a manner that ensures adequate 
support is provided for consumer, particularly for vulnerable consumers (for exam- 
ple those experiencing financial hardship). "° 

The explanatory memorandum provided indicative examples of conduct that 
could be inconsistent with the new requirements for ensuring that claims are handled 
efficiently, honestly and fairly and therefore possibly result in ASIC enforcement 
action. |*’ 

In cases where an insurer is offering to settle a claim through a cash settlement 
instead of repairing or replacing the insured property or product, the insurer will be 
required to provide a Cash Settlement Fact Sheet, which will be required to set out 
the basis for the proposed settlement amount and statements that the client should 


124 Explanatory memorandum, Financial Sector Reform (Hayne Royal Commission Response) Bill 
2020, para 7.13. 


a Explanatory memorandum, Financial Sector Reform (Hayne Royal Commission Response) Bill 
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consider obtaining independent financial advice in respect of the proposed 
settlement. '** 

The explanatory memorandum also explained that an insurer’s failure to provide 
a Cash Settlement Fact Sheet, or the provision of a defective Cash Settlement Fact 
Sheet, could trigger the general offence, civil penalty and civil liability provisions in 
Division 7 of Part 7.7 of the Corporations Act.’ 

On 27 November 2020, ASIC released a draft information sheet setting out its 
approach to regulating insurance claims handling as a financial service, which sets 
out further details of ASIC’s expectations on the contents of “Cash Settlement Fact 
Sheets’ for general insurance claims.'*° It is likely that ASIC will release further 
regulatory guidance on these matters in the near future. 


5.2.2 Making Industry Codes Legally Enforceable 


Whilst the industry codes of practice overviewed in Sect. 4.2 have to date only been 
enforceable by the relevant code governance committees, "°" as Sect. 5.2.1 explained 
the 2019 FSRC Report identified several instances where the sales and claims 
handling practices of Australian insurers had breached the provisions of the General 
Insurance Code of Practice. Commissioner Hayne therefore recommended that the 
provisions of Australia’s financial services industry codes should be legally 
enforceable. '* 

Reforms to implement this recommendation were introduced into the Corpora- 
tions Act through the Financial Sector Reform (Hayne Royal Commission Response) 
Act 2020, with these new measures taking effect from 1 January 2021. Under these 
new measures, ASIC now has the role of approving financial services industry codes 
of conduct, and may designate certain provisions of such codes as enforceable code 
provisions. "°? If a person (such as an insurer) holds out that they comply with an 
approved code of conduct, the Corporations Act now provides for the imposition of 
civil penalties in the event of a breach of an enforceable code provision. "4 


128 Explanatory memorandum, Financial Sector Reform (Hayne Royal Commission Response) Bill 
2020, para 7.41-7.48. 


12 Explanatory memorandum, Financial Sector Reform (Hayne Royal Commission Response) Bill 
2020, para 7.49-7.59. 

130 ASIC ‘ASIC releases draft information sheet for insurance claims handling’ (Media Release 
20-300MR, 27 November 2020). 

131 However, as Enright and Merkin explained in 2015, adherence to the provisions of codes of 
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insurer had engaged in unconscionable conduct, or a breach of the duty of utmost good faith under s 
13 of the ICA: Enright and Merkin (2015), p. 340. 

132 Hayne (2019), p. 24 - Recommendation 1.15 (Enforceable code provisions). 
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5.2.3 Extension of the Unfair Contract Terms Regime to Insurance 
Contracts 


As Sect. 4.1 explained, the unfair contract terms regime under the ASIC Act has until 
now not applied insurance contracts. Whilst the extension of the ASIC Act unfair 
contract terms regime to insurance contracts was previously considered at the time of 
the consultations leading to the 2013 amendments to the ICA” prompting mixed 
reactions from industry commentators,'*° these proposed reforms were not 
implemented at that time. However, following the recommendations of a 2017 
Senate Economics Committee inquiry into the Australian general insurance indus- 
try, 137 the Australian government announced that it would extent the unfair contract 
terms regime to insurance contracts. "°S In light of the misconduct identified during 
the 2019 FSRC, Commissioner Hayne also recommended that the ASIC Act unfair 
contract terms regime be extended to contracts of insurance governed by the ICA. "° 

These recommendations were implemented through the Financial Sector Reform 
(Hayne Royal Commission Response - Protecting Consumers (2019 Measures)) Act 
2020, which makes several amendments to both the ASIC Act and s 15 of the ICA to 
extend the ASIC Act unfair contracts regime to insurance contracts governed by the 
ICA with effect from 5 April 2021. 

Under Division 2 of the ASIC Act, a term in a consumer financial services 
contract may be considered unfair if it meets the three criteria in s 12BG of the 
ASIC Act—which are that the term would cause a significant imbalance in the 
parties’ rights and obligations arising under the contract; that the term is not 
reasonably necessary to protect the legitimate interests of the party that would be 
advantaged by the term; and that the term would cause detriment to a party if it were 
to be applied or relied on.'“° If a term of a consumer contract is found to be unfair, 
the term may be declared void." 

The explanatory memorandum to the Financial Sector Reform (Hayne Royal 
Commission Response — Protecting Consumers (2019 Measures)) Bill 2019 which 
implemented these reforms provided several indicative examples of terms in 


135 The Insurance Contracts Amendment ( Unfair Terms) Bill 2013 (Cth) proposed to incorporate a 
mirror provision to s 12BG of the ASIC Act into a new s 15B of the ICA; however, this proposal was 
not adopted. See e.g. Mann and Drummond (2016), p. 10. 

'36See for example Merkin (2012), pp. 272-298 (arguing against the proposed extension) and 
Nattrass (2012), pp. 299-311 (arguing in favour of the proposed extension). 

137 Parliament of Australia (August 2017) Senate Economics References Committee, Australia’s 
general insurance industry: Sapping consumers of the will to compare, 65. 

138 Australian Government (December 2017) Response to the Senate Economics References Com- 
mittee Report - Senate Economics References Committee, Australia’s general insurance industry: 
Sapping consumers of the will to compare. 

139 Hayne (2019), p. 32 — Recommendation 4.7 (Application of unfair contract term provisions to 
insurance contracts). 

14 Australian Securities and Investments Commission Act 2001 (Cth) s 12BG. 

141 Australian Securities and Investments Commission Act 2001 (Cth) s 12BG. 
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insurance contracts that could be unfair. These include a term that allows the insurer 
to, instead of making a repair, elect to settle the claim with a cash payment calculated 
according to the cost of repair to the insurer, rather than how much it would cost the 
insured to make the repair; a term that is an unnecessary barrier to the insured 
lodging a legitimate claim (for example, requiring the payment of a large excess 
before the insurer considers a claim or requiring the insured to lodge the claim within 
an unreasonably short timeframe); a term in a disability insurance contract that uses 
an outdated, and therefore inaccurate and restrictive, medical definition to determine 
whether the consumer meets the criteria to be eligible to have a claim paid; or a term 
in a contract that significantly reduces the cover offered where compliance with the 
preconditions for being covered is unfeasible (for example, a term in a travel 
insurance policy that only covers loss of luggage when it has been personally 
attended by the insured at all times). !*7 

In preparation for the commencement of these reforms, on 20 October 2020 ASIC 
released updated regulatory guidance on the extended protections under the new 
unfair contract terms laws, and advised that it would engage with the industry in 
preparation for the commencement of these new measures. "4? 

In summary, the new measures introduced through the reforms enacted in 
response to the FRSC’s recommendations now enable ASIC to respond more 
effectively to instances of deficient claims handling practices such as those 
highlighted by the FSRC in the Youi and AAI case studies. These newly enacted 
reforms bring Australia’s regulatory framework in line with the standards envisioned 
by ICP 19.10. 


6 Conclusion and Key Lessons for Other Jurisdictions 
Considering Similar Regulatory Reforms 


In conclusion, whilst the handling of insurance claims can often be a lengthy and 
complex process involving factual investigations, consideration of the application of 
policy conditions, the engagement of external service providers and negotiated 
forms of settlements, it is imperative to bear in mind that for policyholders their 
perceptions of the value of their insurance arrangements will usually be determined 
by their claims experiences. These perceptions will in turn influence consumer 
confidence in specific insurance markets. This chapter has provided two examples 
of how the legal frameworks in the United Kingdom and in Australia now enable the 
respective supervisory agencies to effectively regulate the claims handling process in 
a manner that reflects the standards envisioned under the IAIS Insurance Core 


' Explanatory Memorandum, Financial Sector Reform (Hayne Royal Commission Response — 
Protecting Consumers (2019 Measures)) Bill 2019, para 1.23. 


143 < ASIC updates information sheets on new protections under the unfair contract terms laws’ ASIC 
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Principles. As it is probable that the FCA in the United Kingdom and ASIC in 
Australia will be increasingly active in utilising their enforcement powers in 
response to future instances of poor claims handling practices, it is suggested that 
the application of the laws relating to claims handling in these two jurisdictions will 
be of interest to governments, regulators, insurers and policyholders in other juris- 
dictions in the years to come. 
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Business Registration Data as the Best A 
Vehicle to Achieve KYC and AML aaia 
for Business 


Erick Rincón Cárdenas and Valeria Martinez Molano 


Abstract To achieve the corporate purpose of a company, it is necessary to follow 
the regulations that exist in its respective sector, which include not only the adoption 
of policies and protocols, but also the prevention of fraudulent activities, which can 
be done through a sufficient knowledge of the customer. It is of greater relevance in 
the case of insurance companies, which must sufficiently know their client, taking 
into account their transactions and activities, since the internal decisions that the 
company takes in relation to the risks it assumes are based on its own corporate 
governance policies. 

For this purpose, this chapter proposes the alternative of implementing RegTech 
tools through the adoption of a Single Business Registry. This registry contains all 
the required information from a company, including financial statements for the 
respective periods, which can be supplemented with records already existing in a 
country, as this would facilitate regulatory compliance. 


1 Introduction 


RegTech is a FinTech segment that, through technology, creates solutions to help 
companies comply with regulatory requirements.’ Its main objectives are to improve 
the parameters of regulatory compliance of companies, optimize processes, promote 
business efficiency, and improve customer service. They are the technological tools 
that help different entities, mainly financial ones, to comply with the applicable 
legislation, especially with the normative and regulatory burdens that could be 
verified through the use of data. 


1! Cermeño (2016). 
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A major category within RegTech is primarily dedicated to compliance, provid- 
ing the tools for Know Your Customer (K YC) and Anti-Money Laundering (AML) 
as part of a Customer Due Diligence (CDD) process. 

On the other hand, corporate governance is made up of the set of rules, principles, 
and procedures that regulate the structure and operation of the governing bodies of a 
company. 

The strategic decisions made by the corporate governments of an insurance 
company must have an accurate data analysis to acquire adequate information 
about the client and the possible business that may be undertaken with the latter. 
Thus, having accurate and complete corporate data enables in-depth analysis of 
agents and customers, which generates appropriate product offering strategies and 
direct marketing programs. 

Properly analyzing the data and knowing the customer causes a significant 
demand for time and cost, as compliance with the standard implies an essential 
information requirement. However, it is also necessary to avoid crimes such as 
money laundering, corruption, and crimes related to drugs and terrorism that may 
occur in any country through adequate knowledge of the client and the origin of its 
assets by virtue of the coherence between income and different bank movements. 

The certification and business registration entities are essential component within 
the statistics and operation of the business sector. However, to make its activity more 
efficient, it is necessary to improve public records at the time of data capture. Under 
this scenario, this article aims to solve the question: How can insurance companies 
adopt corporate governance that uses business records to develop KYC or AML to 
improve their own compliance? 

To improve public records and possess the tools for an adequate KYC and AML 
in insurance companies, it is necessary to consider financial information, including 
the definition of income, expenses, and profits for the respective period. This is 
considered the best vehicle to achieve a complete KYC and AML that may benefit 
the entire industry, especially the insurance industry. 

In this context, the information provided during registration could be verified 
against external sources of information, as well as the set of other delegated registries 
existing in a country which facilitate business registration to avoid money laundering 
and other practices. In this way, business records are shown as the central axis of 
KYC in our society, with the aim of preventing the risk of identity theft both for the 
ones who hold the status of merchant, as well as for companies, generating greater 
precision in the analyzation of data when insurance company conducts business. 

Obtaining company information from public commercial registers provides the 
insurance industry protection in its relationships with clients, suppliers, and 
counterparties, through watch list filtering solutions, KYC, and transaction filtering 
and monitoring. 

Finally, these projects are relevant as most of the registries in a country share data, 
and the commercial public registries have accurate and updated information on their 
operations and provide accurate corporate data for an efficient aggregation of risk, 
obtaining even a more precise actuarial price or profitability relationship and 
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improving compliance with regulations such as KYC and AML, among others, thus 
providing the insurance market with legal and operational security. 


2 An Overview on RegTech 


Broadly, it might be thought that regulatory developments and technological 
advances are not closely related to each other. However, these advances have 
changed in recent times the nature and way in which financial services are provided. 
Thus, they have evolved to be in tune with the context that exists at a given time, 
going from being reactive to the crisis, to considering the digital transformation in 
developed countries and the growth in digital financial services in developing 
countries, and finally, to considering the increase in the roles of FinTech and 
RegTech companies.” 

In protecting financial consumers, especially insurance consumers, a complete 
regulation has been generated that implies an increase in costs in the financial system 
involving insurance companies. For this matter, companies seek mechanisms that 
tend to facilitate compliance with all regulations, which increased considerably, thus 
avoiding the imposition of fines.* 

RegTech was born in this context, as were the technological tools applied to 
regulatory compliance. This makes it possible to solve the legal problem of a lack of 
incentive, thus improving competitiveness. RegTech performs online monitoring, 
which identifies problems or irregularities that may arise; thus, in the event of an 
atypical value, it is transmitted to the financial institution in charge of determining 
whether a fraudulent activity was carried out, looking for and identifying possible 
threats to financial security from the beginning, minimizing risks and costs related to 
loss of funds and data breaches.* 

Other authors, like Jake Frankenfield, defined it as “Regtech, or RegTech, consist 
of a group of companies that use cloud computing technology through software-as- 
a-service (SaaS) to help businesses comply with regulations efficiently and less 
expensively. RegTech is also known as regulatory technology.” 

Under this scenario, RegTech makes it possible to comply with the regulatory 
burden that currently exists in the different countries on the financial system, which 
includes insurers, avoiding not only simple breaches, but also the imposition of 
sanctions for failure to adequately comply with the regulatory burden with respect to 
multiple aspects. Consumer protection has a special relevance, for which its ade- 
quate knowledge is required to guarantee the protection of data, as well as the 


? Arner et al. (2017), p. 377. 
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possibility of avoiding fraudulent activities that can be committed in the develop- 
ment of these activities. 

Likewise, and for the specific case, RegTech represents an important advantage 
and has an essential purpose in the regulatory compliance of insurance companies. 
Using technology to manage data and information facilitates compliance with KYC 
and AML regulations, as well as internal regulations of each state. The foregoing is 
based on the sense of organization of the information and compliance as having 
adequate information systems facilitates a permanent audit that guarantees quality 
and success in insurance companies. 

Deloitte® establishes that RegTech provides permanent monitoring that improves 
efficiency in the provision of financial services, freeing up the time generated by the 
investigation not only of the different regulations and capital invested in it, but also 
of those related to the sanctions for a certain breach. In this sense, RegTech acts as a 
tool that enables companies to act proactively and not only reactively, which in turn 
generates significant economic impacts. 

To fulfill the purpose of these technologies that promote compliance, different 
mechanisms such as artificial intelligence or big data can be used, organizing the 
multiple data into information that may be useful in regulatory compliance and 
generating algorithms that identify suspicious activities being carried out, and the 
existing probabilities that a certain activity can be considered fraudulent within a 
company. 

In addition, RegTech companies collaborate with financial institutions and reg- 
ulatory bodies, using mechanisms such as cloud computing and big data, which 
allow information to be shared, since cloud computing is evidently a low-cost 
technology where data can be shared quickly and securely. In this sense, these 
companies combine the large volumes of financial information with the data they 
have from previous regulatory failures to determine, through predictions, areas of 
potential risk in which special emphasis should be placed. 

It is important to note that it is not possible to simplify the entire RegTech 
panorama as a simple FinTech tool since FinTech has the “know-how” of innova- 
tion, but RegTech provides expert knowledge of the industry with special emphasis 
in the risks that need to be mitigated, offering security to users of financial services.’ 

In this way, although FinTech has an approach that is inherent in the financial 
system, RegTech has the potential to be applied in a wide range of contexts, based on 
principles such as Know Your Customer, which is transformed into Know Your 
Data, consolidating as a regulatory paradigm that must consider multiple aspects and 
new axes more broadly than the financial sphere.* 


Deloitte (2016), 07. 
"Deloitte (2016), 07. 
8 Arner et al. (2017), p. 383. 
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3 KYC and AML Within Corporate Governance 


RegTech favors the incorporation of technological solutions regarding improved 
regulatory processes and their compliance through new technological developments 
such as artificial intelligence, machine learning, among others, seeking regulatory 
reforms using technology in important issues such as anti-money laundering and 
KYC compliance.” 

RegTech application can generate important impacts on the financial system, 
especially in insurance companies taking advantage of the potential that they have to 
automate and centralize Know Your Consumer (KYC) processes through 
blockchain technology. This kind of technology is more resistant to modifications 
and records activities in a transparent manner, which supports the integrity of costs, 
reducing them when incorporating new clients. e 

The ease of centralizing KYC processes represents important benefits in compa- 
nies such as insurance since it streamlines security and management processes in 
compliance with the regulations of the countries. In this sense, by automating this 
kind of process, companies can spend less time and resources in the in-depth and 
manual study of each client with respect to the state guidelines and focus on central 
tasks of special interest within their business. 

The expression “Know Your Customer” or KYC first emerged in the United 
States in the late 1960s, with the purpose of referring to the specific obligation of 
loyalty that the broker had, where he must sufficiently know his client to make the 
appropriate investment recommendations, which are adjusted to one’s conditions 
and needs. However, it was at the beginning of the 1990s that the obligation to know 
the customer permeated other banking and financial activities, gaining greater 
relevance since it acquired functions in preventing money laundering; thus, it was 
consolidated as the obligation to identify and to control clients, thereby seeking to 
fight money laundering. '' 

In tune with KYC is due diligence in anti-money laundering and fraud detection 
controls, where together the digitization of the client and partner incorporation 
processes, information exchange and analysis of data, clients, and transactions is 
sought. '? 

Considering that the information requirements on clients have increased to 
prevent terrorist activities and SARLAFT fraudulent businesses, RegTech provides 
reporting regulation systems, which in turn facilitates regulatory compliance by the 
actors involved. 

On anti-money laundering, RegTech companies have had great relevance since 
they tend to improve the fight of different financial institutions against financial 
crimes. As an example, by 2017, based on a Global FinTech study, of 341 RegTech 
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companies, more than 53% were mainly dedicated to AML and KYC-related 
issues. "? 

The need for financial companies, such as insurance companies, to adapt 
RegTech- related alternatives for KYC and AML is given because of the use of 
sophisticated methods implemented by crime that aims to make money obtained by 
illegal means as well as from legitimate funds. Therefore, greater regulation and 
controls on money laundering are necessary by institutions dedicated to this purpose, 
which also manage resources from their different clients. '* 

Under this context of the rise of crime by different means, it is necessary to place 
special emphasis on KYC and AML. Thus, each client or potential client of a 
financial institution or an insurance company should be properly studied under the 
requirements that these two precepts bring with them. This process requires special 
attention and having sufficient documentation regarding identity, income, and prov- 
enance of similar funds.’ Basic and superficial information are not enough, it is 
requiring depth for the technological tools to acquire the data sufficient to foresee 
situations that may compromise entities or insurance companies. 

The need arises because currently, at the time of making transactions with 
different companies, whether involved in banking services or providing insurance, 
insurance entities no longer have enough confidence in traditional risks management 
systems. These have shown significant shortcomings that raise questions not only to 
the companies themselves, but also to the insurers, engaging in activities that may be 
criminal from not having sufficient regulatory support. 

Therefore, insurance companies sought technology and apply it to comply with 
the regulation and different standards, with an emphasis on adequate knowledge of 
their clients and potential clients by processing the large amount of information and 
data that they can count on, thereby avoiding the carrying out by the insured of 
fraudulent activities such as money laundering. 

It should be noted that the AML and KYC requirements regarding RegTech were 
established by the FATF and the Basel Committee, which seek to promote the 
implementation in different countries of RegTech solutions that not only simplify 
processes and guarantee regulatory compliance, but also identify transactions that 
may be suspicious.'® 

In this sense, the importance of RegTech in insurance companies is clear, where it 
is necessary to have adequate customer information before providing the respective 
insurance, thus guaranteeing an adequate origin of funds and the legality of all 
movements made by the insured company, which makes it possible to control not 
only the activity of the insured but also compliance with the regulation. 

The implementation of RegTech tools is not a measure that can be used within an 
insurance company suddenly and indiscriminately. It is necessary to start making a 
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series of decisions within the company that come from its different organs and are in 
tune with all its policies and objectives. It is also necessary to consider how these 
emerging changes that have been brought about by technological advances may have 
repercussions on insurance companies, making it necessary for the existence of an 
interaction between corporate law and insurance regulation. 

Within any company, especially insurance companies, taking into account the 
activities they are engaged in, there are circumstances that may make them more or 
less prone to risk. Therefore, it is not possible to completely eliminate the risks that 
arise in a company, the most relevant being the conscious acceptance of risk levels, 
communicating decisions to shareholders to take actions for their mitigation and 
control, using the tools and standards available.'’ 

Based on the above and considering that companies will always have some kind 
of risk, even the more they try to moderate them, the author Javier [smodes Cascén'® 
points out that an adequate corporate governance should seek to ensure that risks are 
understood, managed, and communicated appropriately. Thus, although at the time 
of conducting legal business controls and audits are carried out, there is no adequate 
qualification of ex-ante risks or those indicators that alert potential risks before they 
occur. Therefore, to prevent this class of risks in insurance companies, it is required 
to have an adequate KYC, which tends to identify future clients by investigating the 
origin of funds and their history of transactions and exchanges. 

With respect to insurance companies, in Colombia specifically, the “Federación 
de Aseguradores Colombianos”—Fasecolda—is constituted, a non-profit entity that 
groups and represents the insurance sector mainly against surveillance and control 
entities. In 2007, this body approved the guidelines for establishing a corporate 
governance code for the Colombian insurance sector, which had as its main objec- 
tive to offer a framework of behaviors and actions for insurance companies that 
would provide security, projection of interests, and in general, a responsible man- 
agement of the entire company.’ 

The code of corporate governance above seeks to mitigate risks, provide trans- 
parency, and facilitate decision-making, generating greater confidence and better 
management of resources to reduce risks.”° 

The relationship between adequate corporate governance, which seeks to make 
correct decisions and regulatory compliance, is found in Legal Compliance. The 
action that aims to comply with the standard is the activity of obedience to the 
standard that is agreed or imposed. In this way, it is aimed at ensuring compliance 
with the company obligations, providing mechanisms that require adherence, and the 
study of compliance with current regulations, whether they are mandatory rules or 
different obligations voluntarily assumed by the company.”! 
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Under this scenario, the corporate governance of insurance companies is in 
charge of implementing an adequate legal compliance within their organization, 
including current regulations. For this, it is important to use the tools that the world 
provides us, which not only ensure greater compliance, but also create cost effec- 
tiveness and efficiency. Thus, it is important that the different corporate governments 
duly study the possibility of applying RegTech tools within their organization. 


4 The New Solution: Business Records 


As mentioned, certification and business registration entities currently occupy a 
crucial role for the proper functioning of companies. They cause the registration of 
the main information of each society, generating with it a general database with basic 
information. 

Most of the information available to these entities is obtained, in the Colombian 
case, from the records voluntarily made by the people of their companies, such as 
notification addresses, subscribed, paid, and authorized capital, corporate purpose, 
legal representative, among other information, which, although it is highly relevant, 
is inadequate to fully understand a company and all the activities it carries out, as 
well as different asset movements. 

This lack of information creates the possibility that insurers may provide their 
services to companies whose assets may be made up of illicit money. This occurs 
from having inadequate knowledge of the client and lack of a large public database 
that guarantees transparency in the actions of the different market participants. 

In this context, it is proposed as an alternative the obligatory nature of financial 
and accounting information, including income, expenses, and profits that must be 
registered in a single business registry, thereby seeking a KYC and AML. Thus, the 
corporate governance of insurance companies can be based on such records to have 
the well-founded and sufficient knowledge in insuring a respective client, preventing 
fraudulent activities and identity theft, and improving the internal compliance of 
each company. 

A single business registry with sufficient information results in in-depth knowl- 
edge of the different clients of the insurance companies, taking into account their 
accounting history and income origin. This translates into an adequate KYC that 
facilitates better data treatment for AML policies based on RegTech, which are 
consolidated and capable of carrying out specific actions aimed at preventing 
fraudulent activities. 

It should be noted that, in addition to the implementation of the Single Business 
Registry with sufficient information, the decisions to adapt it must be implemented 
within each company, also taking into account the adoption of RegTech tools. 

For the implementation of the proposed Single Business Registry, it is important 
to know some aspects that the legislator must consider for the consolidation of a 
project of such magnitude. In this sense, a regulation that enables interoperability 
between the different registration systems present in a country is necessary so that an 
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exchange of information is carried out, reducing costs for entrepreneurs while 
increasing the quality and updating of the data for the knowledge of the interested 
parties. 

In the case of a country like Colombia, different registration systems have specific 
functions. There are records for merchants and records for natural or legal persons 
who intend to carry out contracting processes with the state. In this case, it would be 
necessary to have a regulation that would enable interoperability between these 
information systems, enabling the transmission of information. Additionally, the 
legislature must analyze the possibility of a consolidated system where interested 
parties can consult the information in the registers without having to go to each one 
individually. 

Additionally, special emphasis must be placed on the legislator at the time of its 
regulation concerning the information that can be considered sensitive. Although 
greater publicity and transparency are sought to guarantee the KYC and AML, the 
monitoring of the personal data protection policies of each state must be considered 
to have an appropriate regulation that only represents benefits for the market 
participants. 

Based on the above, RegTech promotes good corporate practices in compliance 
management and improves the results of regulatory compliance. In this sense, it 
enables the ordinary fulfillment of tasks, reducing operating costs related to the 
performance of daily tasks in a company.” 

Given the importance of RegTech’s application, Christopher Woorlard, Director 
of Strategy and Competition at the Financial Conduct Authority—the regulatory 
body for financial services in the United Kingdom—identified several uses of 
RegTech that can be highlighted in this case, which, when in tune, may result to 
the proper functioning of RegTech tools in compliance with the objectives set: 


1. Facilitates compliance of companies with legal requirements, such as reports, 
documentation, among others. 

2. By promoting efficiency in compliance, it is aimed at closing the gap between the 
intention of the regulatory requirements, their subsequent interpretation, and the 
effective implementation within a company. 

3. The implementation of RegTech tools simplifies and helps companies to manage 
and exploit existing data, facilitating the best decision-making and finding in real 
time those who are not following the regulations. 

4. Finally, the author points out that technologies and innovations give rise to more 
efficient regulation and compliance processes.” 


For RegTech to function properly in areas such as KYC and AML, which are the 
most structured applications to date in financial companies, proper data management 
must be had, implementing structured data under provisions and rules, using mech- 
anisms such as predictive analytics and machine learning, which help identify inside 
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information, threats and information that may be suspicious and related to fraud and 
financial crimes, as well as the use of privileged information and misconduct, all of 
which are collected through data exchanges in the network, such as telephone calls, 
exchanges in emails, commercial transactions, among others.” 

As the authors Tom Blutler and Leona O’Brien” point out, for the proper 
management of KYC and AML, a traditional approach of technologies has been 
used that seek to transform and map the regulation of legal provisions through rules 
in software codes. However, this can create a solution called “black box” since 
violations of the regulation may be presented by the client that are not encoded in all 
its variables. That is, the commission of a certain conduct may be codified, however, 
there is not only one way to commit it. Hence, when coding it, it generates multiple 
existing combinations which cannot be entered in the code for the same act, thus 
some fraudulent behaviors could not be properly avoided. 

In this sense, Nizan Geslevich Packin? says about the problem, “it requires a 
carefully tailored design of the technology, a joint effort of the regulators and the 
private sector, and some shifts in corporate thinking.” Therefore, the application of 
technological tools should not be carried out in isolation, but in tune with the entities 
and the needs of the private sector and insurance companies. 

Under this scenario, there must be an agreement and joint effort between the 
companies interested in the application of RegTech tools to improve their compli- 
ance in relation to KYC and AML and both public and private entities, such as, in the 
Colombian case, the Chambers of Commerce and DIAN, where they were able to 
unify the information to a single database, which by implementing tools such as 
predictive analytics, AI, among others, facilitate the prevention of the commission of 
crimes and provides sufficient knowledge for companies before carrying out the 
respective hiring or underwriting. 

In addition, the legislator must also consider whether there are limitations for each 
entity to transfer its information. In this sense, it is necessary to analyze the total 
legislative panorama of each country to determine the extent of the integration of 
registers. It is not a question of the elimination of a particular record, since each one 
seeks the satisfaction of specific objectives, but of a consolidation of information that 
is complete, updated, and truthful, based on the existing data. 

One of the main problems for a correct implementation of the proposal is the 
proper handling of the data, as it does not only refer to a few of them but to big data, 
that is, “data that contains a greater variety and that is presented in increasing 
volumes and at a higher speed.””’ 

Among the main challenges that regulators faced and that the Single Business 
Registry that arises could have is the management and processing of the big data. 
However, it is at this point where the different regulators must work in tune with 
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FinTech and Insurtech tools, determining not only the information that is considered 
relevant for its adequate treatment in line with the proposed objectives, but also the 
ideal means to collect it, such as through the expansion of the necessary information 
in the Single Tax Registry, or that which is registered at the time of the renewal of the 
Commercial Registry or other existing registry systems in the country. For this, 
regulation is necessary that not only guarantees the implementation of the appropri- 
ate tools, without limiting them, but also flexible to the changes necessary for proper 
operation. 

In this sense, an adequate management of information resources and the data 
themselves is a potential agent of change and transformation for KYC and AML, 
which paved the way to the introduction of the concept of Know Your Data (KYD), 
since it is not only a matter of the insurance companies having an incalculable 
variety of information in their bases, but of the proper use given to it. Therefore, if 
this information is in the hands of the industry at a general level, efforts in the fight 
against laundering can be strengthened while reducing certain compliance costs and 
guaranteeing regulatory compliance of companies. 

In this way, by implementing the Single Business Registry for insurance compa- 
nies, with the goals that have been previously noted, compliance is achieved, which 
means acting in accordance with internal rules, regulations, laws, and procedures. 
Thus, when it is indicated that a company is compliant, this means that it complies 
with the regulations that the regulatory bodies impose, depending on the activities 
undertaken by it.” 

For its fulfillment, it now depends to the respective body of each entity respon- 
sible for making decisions to implement the information in the Single Business 
Registry after it has been created, to prevent money laundering and obtain sufficient 
internal controls for normative compliance and its specific purposes. 

The importance of the proposal is given because having an adequate RegTech 
through a Single Business Registry facilitates the KYC, which provides security on 
the legality of the clients. However, this has an important precedent in the Financial 
Action Task Force (FATF), which in 2007 published an important document that 
addresses market risks, how these should be managed efficiently, as well as the 
mechanisms to establish minimum due diligence parameters with the client.*? 

Aside from sufficient documentation as support and presence in the registry 
where insurance companies have access to, it is important to bear in mind that 
adequate KYC policies must contain the following: 


1. Customer acceptance policy 
2. Customer identification 
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2.1. General identification requirements 

2.2. Specific identification issues such as: trust accounts, corporate vehicles, 
business presented, client accounts, political persons, clients not present, 
and correspondent banking 


3. Continuous account and transaction tracking 
4. Risk management? 


In this sense, both banks and insurance entities implementing RegTech policies 
must seek to sufficiently know the identity of their clients, control the activities they 
carry out, and take into account their account information to determine the trans- 
actions that are not within their normal business or those that are expected for the 
type of client or account. In this sense, the KYC is a necessary element in risk 
management and control, and it is essential that it is supported by compliance 
evaluations and internal audits.*! 

Finally, as an additional aspect for a possible RegTech implementation in the 
insurance area, in 2018 the IV International Congress of Insurance Law was held in 
Colombia, where the Financial Superintendence of Colombia, the body in charge of 
regulating the country’s the financial market, announced that it will launch three 
tools that aim to promote and seek to facilitate innovation in the financial system, 
namely: 


— The hub, which acts as a meeting point for entities so that those interested in the 
FinTech sector can exchange information. 

— “La Arenera,” which through a control environment and in real time, facilitates 
the development of products, technologies, or business models. 

— Finally, and with special relevance for this work, the aim is to implement 
RegTech, aiming through its use, by the Superintendency, to streamline and 
optimize internal processes in regulatory matters, thanks to the use of technolog- 
ical developments. 


By implementing RegTech tools, the Financial Superintendency, in tune with the 
chambers of commerce, could exchange their information and generate a complete 
source of information that can be consulted by those interested. Thus, not only would 
it provide companies with an adequate KYC, the same superintendence could also 
more efficiently exercise its supervisory function, seeking compliance with the 
regulations by all insurance companies. 


3°Bank of Spain (2002). 
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5 The Sources of Information in the Business Registry 


To have a single business registry that contains all the necessary information for 
RegTech to have an adequate management of KYC and AML, it is necessary that 
such information is complete and is obtained by contrasting the different external 
and internal sources of information on which a company can count. Hence, the 
importance of information is evident, as indicated by Arias and Portela,” 

Las organizaciones empresariales son concebidas como entidades procesadoras 
de información, independientemente de su actividad, ya que todas las empresas 
tienen necesidad de obtener y analizar información actualizada sobre mercados, 
costos, ventas y procesos de producción. Esta información procede tanto de fuentes 
internas como fuentes externas a la organización, y, una vez procesada y utilizada, 
genera, a su vez, nueva información que será difundida dentro y fuera de la empresa 
(p. 11). 

Translated to English as follows: 

Business organizations are conceived as information processing entities, regard- 
less of their activity, since all companies need to obtain and analyze updated 
information on markets, costs, sales, and production processes. This information 
comes from both internal and external sources to the organization, and once 
processed and used, generates, in turn, new information that will be disseminated 
inside and outside the company (p. 11). 

It is the information which provides enough tools for adequate compliance that 
promotes knowledge of the client and avoids fraudulent activities. Although the 
company may possess internal information provided by the client, it is necessary that 
this information be contrasted with external sources for verification, granting a 
greater degree of certainty and transparency in the actions. 

The Single Business Registry must have information systems that take raw data 
and transform them into knowledge that can be used by companies such as insur- 
ance. Thus, the information system can be defined as “un conjunto de 
procedimientos ordenados, que proporcionan informacion efectiva para apoyar la 
Toma de Decisiones y, con ello, asegurar el control de la organización”; translated 
to English as “a set of ordered procedures, which provide effective information to 
support Decision Making and, with it, ensure control of the organization.”** 

In this measure, it is not enough to indiscriminately obtain the information 
reported by companies and potential clients, it is necessary to organize and adapt 
it in a way that represents a true utility. In the case of insurance companies, they must 
contain clearly and easily accessible information on potential policyholders, with 
access to assets, liabilities, and current income, in addition to the requirements that 
insurance companies consider aspects of study at the time of making an assurance. 

Having the information that facilitates the adequate execution of the company’s 
corporate purpose and proper management is a key element for the development or 
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maintenance of advantages within a company; in this way, the required information 
and the possible sources of collection for such information must be clearly identified 
to define a structure for its processing, communication, and implementation with 
respect to clients and in decision-making.*° 

The information that business records should have should be obtained mainly 
from external sources of information. The internal sources are those internal docu- 
ments and records of operations of a company, generated through reports of depart- 
ments, procedures, and products. This kind of information makes it possible to know 
the conditions of insurance companies to insure other companies, analyzing the level 
of risk that it can assume, among others—factors necessary for making decisions 
from within. 

In this regard, as indicated by UMB Virtual, external sources provide information 
generated outside the company, such as publications by public entities, development 
or international organizations, associations, directories, databases, or the press. It is 
generally the information to which a company refers because it is outside its scope 
and normal course of business and operation. In this sense, a Single Business 
Registry must go to these external sources to obtain its information, based on 
existing registries and on the obligation to register certain information by companies. 

In this sense, insurance companies could have a wide range of information not 
only internal for them to know their business scope, but also about potential clients 
by consulting a single information system complete enough to avoid isolated 
consultation of different information bases. In the same Registry, everything that 
is necessary for an adequate management of all its objectives is found. 

It is necessary to note that although there are already records that contain different 
information from companies, the majority have basic information such as: (i) general 
data (including ID number, address, corporate purpose, among others), 
(ii) establishment and branches, (iii) administrators, (iv) legal publications, 
(v) press publications, and (vi) commercial references and suppliers. These show 
the lack of information regarding the commercial activities of the companies and the 
relationships between assets, liabilities, and profits. 

The foregoing is relevant because it is known that in a country like Colombia a 
company can have broad social objects, where “any legal activity” is indicated, 
which can open multiple possibilities that a company can carry out, making it 
difficult to really monitor and control by the interested parties, such as insurance 
companies. Additionally, although what is related to the publicity of a company’s 
accounting information is questionable, certain information is necessary for entities 
such as banks, as its record makes it easier to detect the possible performance of 
suspicious activities. 

Companies such as “Einforma” in Colombia prepare reports on different compa- 
nies, which include not only basic information, but also evaluations of commercial 
risk, financial situation, of establishments, commercial references, commercial pol- 
icies, shareholders, and occupational risk, among others. This platform uses sources 
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of primary business information, taken from public sources and the media, and 
sources of secondary business information, which comes directly from the company. 
While it has a complete record of essential information that could be useful for 
insurance companies, this information is not public, so payment must be made to 
access it. This is understood at present since a private company collects the data and 
consolidates it as useful information. However, if there were already a public access 
tool where it is mandatory for companies to register certain information, the costs to 
access it could decrease, the tool being public makes access simpler and updated. 
In conclusion, it can be established that the different companies, especially 
insurance entities, rely on external sources of information to implement RegTech 
tools for an appropriate KYC and AML, facilitating the fulfillment of the informa- 
tion needs, providing updated, relevant, reliable, and valid information—informa- 
tion that is necessary to solve questions and make hiring and assurance decisions*°. 


6 Some Difficulties in Its Application 


Finally, following the concept of the author Nizan Geslevich Packin®’, it is worth 
highlighting some difficulties in the RegTech application that cause it to be infre- 
quently used with respect to the challenges of corporate governance, among which 
the following can be highlighted: 


1) The motivation of market participants to assist in the formation of a common 
solution is unclear. In this sense, the cost/benefit analysis for compliance with 
regulatory obligations is partial, since it only covers the individual operational 
response of a specific entity, rather than the entire industry, which limits the 
ability to devise a common solution. 


This difficulty would not be visible in the proposed registry, since a Registry with 
the aforementioned information and characteristics would provide important solu- 
tions for a large percentage of companies not only in the insurance industry but also 
in different sectors of the economy. In this sense, as indicated above, a Registry with 
general and accounting information, and with the main transactions, would provide 
assurances to companies at the time of hiring, having security of the identification 
and knowledge of their client, which in turn facilitates regulatory compliance and 
prevents fraudulent activities. 


2) There is a lack of a general mandate or even an established standard on RegTech 
solutions. As indicated by the author, technology providers, finance companies, 
and legislators are reluctant to establish dialogue on common solutions, making 
their implementation more difficult for companies. 


3©ComuExter13 (2017). 
37 Geslevich (2018), p. 211. 
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This approach is shared with the author since RegTech and the possible solutions 
that its implementation can provide are currently seen as a scenario in the develop- 
ment process, which is why the information about it is scarce, even more so its 
possibilities of implementation. 

Colombia is still in a process of identifying, recognizing, and starting the imple- 
mentation of technology in different fields, which is why the lack of general 
knowledge and guidelines on RegTech results in its lack of use and homogeneity 
in policies that would have benefited all participants in an industry such as insurance. 

Thus, a solution to this difficulty is the dialogue between the different parties that 
provide managing solutions for regulatory compliance, implementing technological 
tools, thereby providing greater visibility to RegTech solutions in achieving objec- 
tives and reducing operating costs. 


3) The complexity in the connection and interaction of regulatory initiatives makes 
it difficult to adopt common solutions. In addition, difficulties in relation to data 
protection can constitute an obstacle to the efficient exchange of information. 


As stated, the difficulty related to the security of the information and the privacy 
of the same within a company is recognized. Although the obligation for certain 
information is proposed to facilitate its access and consultation, the problems that 
this could bring with it on data protection is undeniable. Thus, it is necessary for 
RegTech tools and the proposed single business registry to use technology not only 
to guarantee the transparency of the information and provide access to it for multiple 
actors, but also to give security in the proper handling of such information by the 
companies. 


7 Conclusions 


Aiming for an adequate regulatory compliance within a company, as well as the need 
for business efficiency in relation to decision-making for contracting with different 
clients, thereby preventing and controlling the performance of illegal activities by 
the insured, the implementation of RegTech was shown as an alternative that 
facilitates the fulfillment of such objectives, allowing in its application not only 
the adequate compliance with the legislation and regulatory loads through utilization 
of data but also providing security and reducing costs. 

As authors such as Douglas W. Arner, Janos Barberis & Ross P. Buckley*® point 
out, the implementation of RegTech is not only justifiable in making a financial 
regulation more effective and affordable for the different stakeholders, but it can also 
be implemented as a mechanism to reconceptualize and redesign financial regula- 
tion, taking into account the transformations that the market has undergone in this 
regard. 
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Considering the relevance of the certification and business registration entities, 
the implementation of a single business registry with sufficient data for each 
company taken from different entities within a country, such as the Chamber of 
Commerce and DIAN, in the Colombian case, was shown as an important element of 
RegTech application for the consultation of customer information, thus generating 
an adequate KYC and AML. 

Insurance entities can adopt a single registry to develop customer awareness or 
anti-laundering tools and improve their own compliance from the decisions made by 
corporate government, thus, a corporate government that is solely responsible for 
making decisions is not enough. Decisions which are usually based on internal 
information sources must necessarily use external sources such as the single registry 
to have sufficient knowledge and provide the insurance company with tools for an 
adequate risk analysis. 

To this extent, for the insurance companies to achieve optimal KYC and AML, 
the single registry must have the general accounting and financial information of 
each period as mandatory information. This registry and its subsequent implemen- 
tation by the corporate government of each company is the best vehicle to achieve a 
complete business KYC and AML that favors not only the insurance industry, but 
generally the important sectors of the industry in decision-making. 

The idea that business records are the central axis of the KYC of our society is 
defended, having important functions in preventing the risk of identity theft, such as 
knowledge of the activities and transactions made, alerting risky actions. 

Based on the above, it can be pointed out that the way companies use information 
is an aspect that allows them to generate competitive advantages between organiza- 
tions. Thus, as Patricia Gonzalez and Tatiana Bermúdez” point out, the strategic use 
of information is useful in decision-making, providing changes that have represen- 
tation and create knowledge. 

In the field of insurance companies, having sufficient information through a 
complete business registry that has the adequate resources and data for greater 
facilities when providing their services is extremely important, since taking into 
account the insurance activity which is based mainly on the acceptance and man- 
agement of risks from third parties, the use of such information reduces the risks 
inherent to the activity, generating significant advantages for companies not only in 
their processes but also in economic terms. 

Based on the above, to the extent that insurance companies have access to a 
varied information system associated with clients and therefore to risks, they will 
have more adequate tools for making business decisions. Having a greater knowl- 
edge of the insured object, that is, of the risk and its client, which, as the author 
Andrea Londoño”? points out, empowers the insurance companies to implement: 


3° González and Bermúdez (2010), p. 86. 
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(i) Mejores políticas de suscripción y mitigación de riesgos (contragarantias o 
garantías en los Contratos de Seguros), mejores esquemas de tarifación 
(Pricing) 

Gi) Mejores y mas adecuados productos a ser ofrecidos a los consumidores, a la 
luz de sus necesidades reales y hábitos de consumo y 

Gii) Mejor y más eficiente diseño y manejo de reclamaciones y políticas antifraude 


Translated to English as follows: 


(i) Better underwriting and risk mitigation policies (counter-guarantees or guaran- 
tees in Insurance Contracts), better pricing schemes (Pricing) 
(ii) Better and more suitable products to be offered to consumers, considering their 
real needs and consumption habits 
(iii) Better and more efficient design and handling of claims and anti-fraud policies 


In conclusion, it is important that corporate governments, especially the ones at 
the insurance market, seek the implementation of RegTech tools that facilitate 
regulatory compliance. A crucial strategy is the single business registry that has a 
complete and detailed information on each of the companies to guarantee an efficient 
KYC and AML appropriate to their needs. 

Finally, it can be seen how the application of RegTech still present some 
difficulties that must be solved so it can be implemented optimally. However, with 
existing tools, it is possible to use RegTech in a country like Colombia to facilitate 
information-based decision-making for insurance companies, which minimizes their 
risks and facilitates regulatory compliance. 
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The Influence of Public and Corporate A 
Insurance Law on the Application of Private sss 
International Law: Selected Issues 


Mariusz Fras 


Abstract The regime of obligations arising under insurance relationships, as expressed 
in Art. 7 of the Rome I Regulation is, however, relatively complex. The criticism seems 
legitimate of academic authors who quite clearly express their negative attitude to the 
wording of that provision, calling it a “labyrinth” or even “pandemonium of interna- 
tional law.” As a result of the not particularly transparent nature of that regime, it can be 
doubted if in all situations the “weaker party” was afforded due protection. Negative 
answer to that question prompts a search for other solutions which allow to achieve the 
effect of conflict of laws designation of a law giving effect to the postulate of protecting 
the weaker party to the insurance relationship. The purpose of the study is to indicate, in 
the first place, the existing criteria of the division into public law and private law in the 
context of private international law. The second purpose is to analyze the phenomenon 
of mutual interpenetration of private and public law in the private international law of 
insurance contracts. The purpose of considerations was to indicate the mutual interpen- 
etration between EU provisions of public and corporate law, as well as the impact of 
national provisions of the same type on private international law. 


1 Introduction 


The specificity of insurance contracts was noticed already in the applicability period 
of the Rome Convention.’ Already at that time, it was proposed to introduce a 
special conflict of laws rule for direct insurance contracts.” These intentions, 
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however, were not put into practice. This did not follow from any revision of the 
assumptions made by the authors of the Convention at an early stage of legislative 
works. The absence of rules offering protection to the non-professional party of an 
insurance contract in the Convention itself was a consequence of exclusion of 
insurance relationships from its material scope. The relevant conflict of laws pro- 
visions were included in subsequent insurance directives.* On the entry into force of 
the Regulation (EC) No 593/2008 of the European Parliament and of the Council of 
17 June 2008 on the law applicable to contractual obligations (Rome I)‘ this state of 
affairs was underwent a major change. The endeavor to afford special protection to 
the “weaker party” found manifestation already in Recital 23 of the Regulation, in 
which it was stipulated that “[a]s regards contracts concluded with parties regarded 
as being weaker, those parties should be protected by conflict-of-law rules that are 
more favorable to their interests than the general rules.” This thought was developed 
in Recital 32 sentence 1 of the Regulation, where it is emphasized that “[o]wing to 
the particular nature of contracts of carriage and insurance contracts, specific pro- 
visions should ensure an adequate level of protection of passengers and policy 
holders.” It should be noted that the EU legislator avoids using the term consumer 
in relation to parties of insurance transactions.” However, private international law 
offers a special treatment both to insurance agreements and already mentioned 
consumer contracts. Bearing the above in mind, the legislator decided to apply 
different protection mechanisms. While in the case of consumer contracts (Art. 6) 
protection is afforded by means of alternative corrective connectors, in the event of 
insurance agreements the legislator adopted a less complex solution based on a 
limited choice of law (Art. 7). 

When making a holistic analysis of the Rome I Regulation, one may differentiate 
between four insurance categories, which are covered by the scope of application of 
different conflict of laws rules. The mutual differences among them are significant 
enough that one may speak of several separate conflict of laws mechanisms.’ It is 
even indicated that in Art. 7 of the Rome I Regulation there are various “subsystems” 
of conflict of laws tules,® which some refer to as “sets of conflict of laws rules,” 
while others call them “situation groups.” "° 

The first category in this classification system are insurance contracts relating to 
large risks, the second one—insurance contracts involving other risks, referred to as 
mass ones, which are situated in the territory of the Member States of the European 
Union, the third one—compulsory insurance contracts. The last of the categories for 
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which the EU legislator provided special conflict of laws rules are insurances relating 
to mass risks situated in the territory of third countries and reinsurance contracts. 

Pinpointing the appropriate conflict of laws rules for a given insurance agreement 
requires, in the first place, to determine the character of the insured risk. Such 
procedure allows to ascertain if the agreement is a large risk contract or a mass 
risk contract. As far as agreements belonging to the latter category are concerned, it 
also becomes necessary to identify the legal area in which the risk is situated. As a 
part of the qualification procedures, one must not overlook the special character of 
compulsory insurances. In a situation where the obligation to enter into the insurance 
contract is imposed by a Member State of the European Union, a distinct 
“subsystem” of conflict of laws rules applies.’ 

The regime of obligations arising under insurance relationships, as expressed in 
Art. 7 of the Rome I Regulation is, however, relatively complex. The criticism seems 
legitimate of academic authors'* who quite clearly express their negative attitude to 
the wording of that provision, calling it a “labyrinth”? or even “pandemonium of 
international law.”'* As a result of the not particularly transparent nature of that 
regime, it can be doubted if in all situations the “weaker party” was afforded due 
protection. Negative answer to that question prompts a search for other solutions 
which allow to achieve the effect of conflict of laws designation of a law giving 
effect to the postulate of protecting the weaker party to the insurance relationship. 
The purpose of the study is to indicate, in the first place, the existing criteria of the 
division into public law and private law in the context of private international law. 
The second purpose is to analyze the phenomenon of mutual interpenetration of 
private and public law in the private international law of insurance contracts. 


2 The Legal Qualification of the Concept of Insurance 
Contract and the Concept of Insurer in Private 
International Law 


Analysis of the concept of insurance contract in the understanding of Art. 7 should 
start with identification of such contract’s characteristic features. '> 

Protection of the insurance interest is realized by a transfer (assumption) of the 
insurance risk. For that reason, the concepts of insurance risk and insurance interest 
account for the essence of insurance as a method of transferring risk.'° The transfer 
of risk, approached through the prism of collectively understood insurance, is 
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uniformly regarded as distribution of risk between parties participating in an insur- 
ance fund.'’ On the other hand, the analysis of the risk transfer through the prism of 
contents of the insurance obligational relationship allows to conclude that such 
transfer may generally take place in two ways, according to the dichotomous 
division of insurance into its economic types. Under the commercial type, the insurer 
takes over the risk from each insured party separately.'* Under the mutual type— 
within the relation between the mutual insurance institution and its members 
(Mitgliederversicherung)'°—the insurer does not take over the insurance risk, 
which is distributed among insured parties.”° 

Contracts under which the insurance risk is assumed by the insurer (commercial 
insurance type), are generally referred to as insurance contracts. The insurance 
nature of the assumed risk allows to distinguish that contract from other ones 
under which risk is transferred.”! On the other hand, the source of the insurance 
relationship between a mutual insurance institution and its member may be a contract 
named otherwise than insurance contract. Examples are provided by German and 
French law. Under the second sentence of § 2 of the German VAG,” member of a 
mutual insurance society (Versicherungsverein auf Gegenseitigkeit) “may only be a 
person establishing an insurance relationship with the society.” Therefore, it is 
assumed that, on such occasions, the source of the insurance relationship is an 
agreement for the accession or admission to the mutual society (Beitritts- oder 
Aufnahmevertrag zum Gegenseitigkeitsverein).’? Such contract is also the source 
of the membership relationship.” By contrast, institutions de prévoyance (prudence 
institutions) incorporated under the French law” establish insurance relationships by 


2 


collective acts with compulsory adhesion (opérations collectives ý adhésion 
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obligatoire),”° collective acts with optional adhesion (opérations collectives F adhé- 
sion facultative)’ or individual acts (opérations individuelles).°® The source of an 
insurance relationship may not be only a contract but also declarations of adhesion to 
the terms and conditions applied by institution de prévoyance.”° 

The contract establishing an insurance relationship between the mutual insurance 
institution and such institution’s member may be qualified from the conflict of laws 
perspective as an insurance contract in the understanding of Art. 7 

National legal systems require that insurance activity, which consists in the 
conclusion and performance of insurance contracts, be pursued by entities autho- 
rized under licenses granted by public authorities. This requirement is one of the 
aspects of legal regulation of the insurance activity. However, the requirement does 
not have to come in pair with recognition of an insurance contract as subjectively 
qualified agreement. In German law, the status of insurance contract is also 


?6Tn case of opérations collectives f adhésion obligatoire, the undertaking (entreprise), understood 
as employer, joins the prudence institution (adhésion) by signing a declaration of adhesion to its 
terms and conditions (adhésion par signature d’un bulletin au réglement) or by concluding with the 
institution an agreement for its employees (contrat au profit de ses salariés), who compulsorily 
become member participants (membres participants—art. L. 932-2 Code de la sécurité sociale). The 
terms and conditions, the declaration or the agreement specify the rights and obligations of the 
entity joining the institution and member participants. 


"Im case of opérations collectives ý adhésion facultative, employees have the right to decide to 
associate with the prudence institution (affiliation). Upon such decision, the employee becomes a 
member participant (Art. L. 932-14 k. Code de la sécurité sociale). 


?8 Tn case of opérations individuelles, employees themselves join the prudence institution by signing 
the declaration of adhesion to the terms and conditions or by concluding the agreement with that 
institution (Art. L. 932-14 Code de la sécurité sociale). 


Under Aer. L-932-23 Code de la sécurité sociale, the concepts of bulletin of adhesion to the terms 
and conditions (bulletin d’adhésion fF un réglement), collective acts with compulsory adhesion and 
participant (participant) correspond, respectively, to the terms: insurance contract (contrat 
d’assurance), group insurance contract (contrat d’assurance de groupe) and insured party (assuré). 
This terminology is reflected in conflict of laws provisions on the law applicable to acts with the 
participation of institutions de prévoyance and reciprocity institutions (mutuelles), implementing 
the conflict of laws provisions of insurance directives (in respect to institutions de prévoyance 
regulated in Arts. L. 932-25-L. 932-34 Code de la sécurité sociale, wherein those provisions apply 
also to institutions de prévoyance regulated in Code rural, under Art. L. 727-2(2) of that Code; as 
regards mutuelles, the basis are Arts. L. 225-1—-L. 225-10 Code de la mutualité (http://codes.droit. 
org/CodV3/mutualite.pdf). Those provisions were leges speciales in relation to the same conflict of 
laws provisions of the French Insurance Code (http://codes.droit.org/CodV3/assurances.pdf) on the 
law applicable to insurance contracts concluded by insurance companies (entreprises d’assurance). 
In those provisions—on institutions de prévoyance—the term “contract,” present in conflict of laws 
rules of the Community insurance directives, refers also to the expression “declaration of adhesion 
to the terms and conditions” (see, e.g., Art. L.932-26(1) Code de la sécurité sociale, according to 
which, when the risk is located in France and the person making the declaration of adhesion to the 
terms and conditions of an institution de prévoyance or concluding an insurance contract with the 
institution de prévoyance has their habitual residence or seat of the management board in France, 
the applicable law shall be French law, to the exclusion of any other country’s law), and the term 
“policyholder’’—refers to the expressions “acceding party” and “participant.” 


30 Dörner (1997), pp. 39-40. 
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recognized in relation to contracts whose party is an insurer not undergoing insur- 
ance supervision.*! Moreover, an agreement having objective features of an insur- 
ance contract, concluded by an insurer which does not hold the required license for 
the pursuance of insurance activities, may be qualified from the substantive law 
perspective as insurance contract.’ In the conflict of laws context, insurance con- 
tract should, in principle, be denied the status of subjectively qualified agreement. 

The reasons of public law also justify the non-inclusion, within the scope of 
application of the EU insurance directives, of insurance undertakings seated in a 
third country which do not pursue insurance activities in the Member States in the 
form of agency or branch. This follows from a ratione materiae restriction of the 
scope of application of EU law. Also, this restriction should be ignored in the conflict 
of laws context.** There are apparent influences of commercial and public law on the 
interpretation of the concept of insurer. 

Policyholder’s counterparty in the insurance contract, in the understanding of the 
Rome I Regulation, may be any person. Art. 7(2), second indent, mentions 
“insurers” (German Versicherer, French assureur, Italian assicuratore, Spanish 
asegurador). The concept of “insurer” may be treated as superordinate to the 
terms “insurance undertaking” and “organisation other than undertaking.” The 
approved qualification result allows to include as insurance contracts, within the 
meaning of the Rome I Regulation, contracts having the characteristics of insurance 
contracts concluded by entities claiming to be an insurance undertaking, pursuing 
insurance activities but, in fact, unauthorized to undertake such activities or acting in 
violation of the basic principles of pursuing such activities.** In the conflict of laws 
context, insurance contract should be denied the status of subjectively qualified 
contract. There are exceptions to this principle. One example can be provided by 
the insurance guarantee agreement. To delimitate the insurance guarantee agreement 
from the bank guarantee agreement, it is necessary to use the subjective criterion 
relating to the status of the insurer as policyholder’s counterparty.*° The question of 
the insurer’s qualified status boils down to whether and to what extent a given entity 
is authorized to pursue insurance activities. This question forms a part of the law 
applicable to the insurance contract. Provisions of such law will be given effect, 
including in space, within the limits of their applicability. The will of being applied 
may be attributed to the rules specifying the policyholder’s status from outside the 
law applicable to contractual obligations, either of the forum or a third country. 
Examples of substantive law qualification of insurance acts, which are interesting 


3! Prölls and Martin (2010), p. 72 (“die Unterstellung eines Unternehmens unter die Aufsicht 
impliziert also nicht die Anwendung des VVG und umgekehrt”). 


32 Example is provided by Polish law where such contracts qualify as invalid insurance contracts, 
see Malinowska (2003), pp. 138-139. 


33 Gruber (1999), pp. 18-19. 
*4Dickstein (1995), pp. 43-45 (Scheinversicherer). 
35 Kropka (2010), pp. 39-42. 
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from the point of view of the discussed subject matter, are provided by the case law 
of the German Federal Administrative Court (Bundesverwaltungsgericht).*° 


3 Reinsurance and Co-Insurance Contracts 


The reinsurance contract plays the same social and economic function and has the 
same characteristic features as the insurance contract.*” However, this conclusion 
must give way to the effect of the qualification based on the provisions of the Rome I 
Regulation explaining the term insurance contract. It follows from Art. 7(1), second 
sentence, in conjunction with Recital 32, that reinsurance contracts do not amount to 
insurance contracts. By reinsurance contract, one should also understand the retro- 
cession contract and further reinsurance contracts. Such position is in line with the 
definition of reinsurance as included in Art. 13(7) letter (a) of the Directive 2009/ 
138/EC (Slovency II)?’ (“the activity consisting in accepting risks ceded by an 
insurance undertaking or third-country insurance undertaking, or by another rein- 
surance undertaking or third-country reinsurance undertaking”). Reinsurance is also 
the subject of an agreement under which the risks assumed by the insurer or reinsurer 
are further taken over by a so-called insurance special purpose vehicle 
(Versicherungs- Zweckgesellschaft, véhicule de titrisation). German law permits 
the establishment of special purpose vehicles.*” Operation of a special purpose 
vehicle involves the transfer of insurance risks to the capital market. 

An insurance type interesting for the subject matter of these considerations is 
insurance of additional contributions (Nachschussversicherung). Its parties are the 
reinsurer and the mutual insurance institution acting on behalf of its members. Such 
insurance makes an alternative to obligating the mutual insurance institution’s 


3°The following were recognized as insurance operations in the understanding of § 1 of the German 
VAG: guarantee of maintaining (Wartungsgarantie) technical equipment if it is exhausted by the 
obligation to assume the relevant maintenance costs and unrelated in any way to other operations 
(Prave 2005, p. 45); permanent guarantee (Dauergarantie) granted for technical equipment involv- 
ing non-gratuitous coverage of costs of any repairs necessary as a result of wear and tear if the 
guarantor restricts himself only to such promise of performance and does not sell any equipment 
covered by the guarantee (Prive 2005, p. 45). 

37Fichler (1966), pp. 324-325. 

38 Directive 2009/138/EC of the European Parliament and of the Council of 25 November 2009 on 
the taking-up and pursuit of the business of Insurance and Reinsurance (Solvency II) (Text with 
EEA relevance) (Official Journal of the European Union, L 335/1, 17 December 2011). 

3 Paragraph 121g(1), first sentence, VAG defines Versicherungs-Zweckgesellschaft as company or 
partnership with a seat or central management in Germany which, being neither insurance under- 
taking nor reinsurer, assumes risks from insurance undertakings or reinsurers, wherein the risks of 
materialization of damage are secured by such partnership or company in full by issuing debt 
instruments or by another financing mechanism, and whereby recourse monetary claims under loans 
or other financial mechanisms give way to the entity’s liabilities under reinsurance. 
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members to make additional contributions.*° It comes in two forms. Under the 
former, the mutual insurance institution acts in its own name as the insurer, dedi- 
cating the funds received from the reinsurer to cover its losses;*! under the latter, the 
mutual insurance institution acts in the name of its members as policyholders, 
collecting for that purpose additional premiums and transferring them to the rein- 
surer who, in exchange, makes the required additional contributions.** In German 
literature, the latter of the discussed Nachschussversicherung forms is compared to 
civil liability insurance.” 

The above effect of qualification of the concept of insurance contract should 
extend to co-insurance contracts. The co-insurance contract—bearing in mind its 
social and economic function and characteristic features—is an insurance contract. 
This conclusion is in line with the provisions of the Rome I Regulation and the 
provisions of EU insurance directives. They do not contain any qualification guide- 
lines to the contrary.** An opinion expressed in the doctrine is illegitimate that the 
law applicable to co-insurance contracts is regulated by the Council and European 
Parliament Directive 2009/138. That Directive does not include any conflict of laws 
provisions. One should also evaluate critically the opinion that it is ungrounded to 
apply, to co-insurance contracts, the conflict of laws norms implementing the 
conflict of laws provisions of the insurance directives since protection of the 
policyholder is unnecessary in case of such contracts.*° 


4 “Insurance Contracts” Covered by the Exclusion Under 
Art. 1(2) Letter (j) of the Rome I Regulation 


4.1 Initial Comments on Art. 1(2) Letter (j) 


Article 1(2) letter (j) reads that the following shall be excluded from the scope of the 
Regulation: “insurance contracts arising out of operations carried out by organisa- 
tions other than undertakings referred to in Article 2 of Directive 2009/138 of the 
European Parliament and of the Council of 25 November 2009 concerning life 
assurance the object of which is to provide benefits for employed or self-employed 
persons belonging to an undertaking or group of undertakings, or to a trade or group 
of trades, in the event of death or survival or of discontinuance or curtailment of 
activity, or of sickness related to work or accidents at work.” This provision contains 
a description of specific risks relating to employed and self-employed persons. That 


“°Dickstein (1995), p. 31. 
+ Thid. 
427; 
Ibid., pp. 31-32. 
43 Tbid., p. 32 and the literature cited therein. 
44 Schnyder (2004), p. 1025. 
Fuchs (1999), p. 20. 
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is why “insurance the object of which is to provide benefits for employed [...] 
persons,” concluded by an “undertaking” or “group of undertakings” is a contract for 
account of a third party. The same apparently refers to situations when an “insurance 
contract the object of which is to provide benefits for [. . .] self-employed persons” is 
concluded, in his or her own name, by a representative of their “trade” of “group of 
trades.” Presently, this issue is regulated by Art. 9(2) of Directive 2009/138/EC 
(Solvency mp.*° 

A characteristic feature of insurance contracts for account of a third party is that 
only the third party may take advantage of such insurance.*’ The way in which the 
third party takes such advantage depends on whether the insurance for account of the 
third party is direct or indirect.** In the former case, the subjective law claim against 
the insurer for the payment of benefit is vested in the third party, whereas in the latter 
in the policyholder, who is legally bound to deliver the benefit received from the 
insurer to the third party. This distinction is of secondary importance from the point 
of view of the conflict of laws qualification.*° 

Textual interpretation of Art. 1(2) letter (j) in conjunction with Art. 2 of the 
Directive 2009/138/EC of 25 November 2009 concerning life insurance, leads to the 
conclusion that Art. 1(2) letter (j) does not refer to insurance undertakings pursuing 
in the EU business of direct insurance in the life assurance branch. Such undertak- 
ings are both insurance undertakings seated in a Member State of the EU and 
insurance undertakings seated outside the EU. 

Reasoning a contrario from Art. 1(2) letter (j) in conjunction with Art. 2 of 
Directive 2002/83/EC (currently Article 2 of the Directive 2009/138/EC) allows to 
include among “organisations other than undertakings referred to in Article 2 of 
Directive 2002/83/EC” (currently Article 2 of the Directive 2009/138/EC): (1) insur- 
ance undertakings engaging in re-insurance activities, (2) insurance undertakings 
engaging in insurance activities of direct insurance other than life assurance, 
(3) insurance undertakings pursuing outside the EU insurance activities of direct 
insurance in the life assurance branch, (4) organisations other than insurance under- 
takings. However, such reasoning—in my opinion—is illegitimate. The prototype of 
Art. 1(2) letter (j) is Art. 9 item 2 of the Directive 2009/138/EC. Nevertheless, when 
drafting Art. 1(2) letter (j), the legislator overlooked that the Directive 2009/138/EC, 
according to its general provisions, does not refer to any of the four abovementioned 
groups of entities. One should interpret the expression: “organisations other than 
undertakings referred to in Art. 2 of the Directive 2002/83/EC” (currently Art. 2 of 


46«Tn regard to life insurance, this Directive shall not apply to the following operations and activities 
operations carried out by organisations, other than undertakings referred to in Article 2, whose 
object is to provide benefits for employed or self-employed persons belonging to an undertaking or 
group of undertakings, or a trade or group of trades, in the event of death or survival or of 
discontinuance or curtailment of activity, whether or not the commitments arising from such 
operations are fully covered at all times by mathematical provisions.” 

47 Hetczyriski (1927), p. 95; Maixner and Steinbeck (2008), p. 48. 

38 Hełczyński (1927), p. 82. 

“Cf. Basedow and Fock (2002), p. 104. 
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the Directive 2009/138/EC), in the understanding of Art. 3(3) of the Directive 2002/ 
83/EC (currently Art. 9(2) of the Directive 2009/138/EC), in the context of those 
general provisions. The same expression used in Art. 1(2) letter (j) is affected by a 
legislative error. In consequence, establishment of the scope of the subjective 
exclusion under Art. 1(2) letter (j) requires further investigations. 

The expression: “organisations other than undertakings referred to in Article 2 of 
Directive 2002/83/EC” (currently Art. 2 of the Directive 2009/138/EC) in the 
understanding of Art. 1(2) letter (j) refers to one of the parties to the insurance 
contracts specified in that provision. As a result, this expression should be distin- 
guished from the concept of “undertaking,” used here in its subjective meaning to 
denote employer. 

The formulation: “the object of which is to provide benefits for employed or self- 
employed persons belonging to an undertaking or group of undertakings, or to a 
trade or group of trades, in the event of death or survival or of discontinuance or 
curtailment of activity, or of sickness related to work or accidents at work” must be 
referred to the expression “insurance.” As far as Art. 1(2) letter (j) mentions benefits 
in the event of sickness related to work or accidents at work, this provision relates 
both to the insurance of risk of invalidity caused by accident or sickness as a type of 
additional insurance in the understanding of Art. 2(3) letter (a) point (iii) of the 
Directive 2009/138/EC (I insurance group in the life assurance branch) and insur- 
ance against accidents at work and occupational diseases (I insurance group from the 
branch of insurance other than life assurance). Consequently, it must be concluded 
that “insurance undertakings” in the expression “organisations other than insurance 
undertakings” are all insurance undertakings pursuing in the European Union 
(including in Denmark) activities in the area of direct insurance. This means, at the 
same time, that the expression “organisations other than insurance undertakings 
referred to in Art. 2 of the Directive 2002/83/EC” (currently Art. 2 of the Directive 
2009/138/EC) covers organizations other than insurance undertakings operating in 
the EU. 

The wording of Art. 1(2) letter (j) suggests that the provision relates only to intra- 
Union situations, i.e., insurance contracts referred to in that norm concluded by 
organizations other than insurance undertakings as a part of their activities in the 
European Union. Nevertheless, this question must be finally resolved by purposive 
interpretation based on the final conclusions as to what “insurance contracts” the 
discussed provision refers to. 


4.2 The European Law of Occupational Pension Schemes 


Article 1(2) letter (j) makes a conflict of laws section of the EU regime of occupa- 
tional pension schemes. This is indicated by the connection of that norm with Art. 
9 item 2 of the Directive 2009/138/EC. The Directive’s provision was adopted with a 
view to the works harmonizing the laws of the EU Member States in the 
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occupational pension schemes.” The effect of those works was the Directive 2016/ 
2341/EU.*' It contains a comprehensive substantive law regime of occupational 
pension schemes. Its provisions are helpful in the interpretation of Art. 1(2) letter (j). 
This refers, in particular, to the definition of institution for occupational retirement 
provision (Art. 6(1) of the Directive 2016/2341/EU) and definition of retirement 
benefits (Art. 6(4)) of the Directive 2016/2341/EU), showing similarity to that 
provision. For that reason, it is legitimate to determine—in interpreting Art. 1 
(2) letter (j)—the circle of institutions for occupational retirement provision to 
which the provisions of the Directive 2016/2341/EU apply. For that purpose, one 
should, in the first place, consider the catalogue of subjective exclusions under Art. 2 
(2) of the Directive 2016/2341/EU. 

The principle of separateness of institutions for occupational retirement provi- 
sion, as expressed in their definition (Art. 6(1) of the Directive 2016/2341/EU), from 
financial institutions (as defined in Art. 6(3) of the Directive 2016/2341/EU) relates 
to the exclusion of companies using book-reserve schemes with a view to paying out 
retirement benefits to their employees (Art. 2(2) letter (e) of the Directive 2016/2341/ 
EU). This exclusion refers to employers performing the obligations incurred vis-a- 
vis their employees under occupational pension schemes by establishing reserves 
with a view to paying out future benefits. The source of such obligations may, for 
instance, be direct promise (Direktzusage) under German law, direct promise of 
benefit (direkte Leistungszusage) under Austrian law? or—by all appearances— 
self-administered pension scheme under the law of the United Kingdom” or indi- 
vidual pension obligations (engagements individuels de pension/individuele 
pensioentoezeggingen) under Belgian law. In connection with Art. 2(2) letter 


Dickstein (1995), p. 28. 


5! Directive (EU) 2016/2341 of the European Parliament and of the Council of 14 December 2016 
on the activities and supervision of institutions for occupational retirement provision (IORPs) (Text 
with EEA relevance) (Official Journal of the European Union L 354/37, 23.12.2016). 


>The essence of both the direct promise (Direktzusage, unmittelbare Leistungszusage) under 
German law and direct promise of performance (direkte Leistungszusage) under Austrian law is 
employer’s obligation vis-a-vis employee to pay benefits within the framework of occupational 
pension provision (German Law—Blomeyer and Otto 2006, p. 113; Kemper 2003, p. 49) following 
from the given promise (Zusage) as the source of legal relationship of occupational pension 
provision (Blomeyer and Otto 2006, pp. 80-81). The employer may choose the form of fulfilling 
that promise. It may be fulfilled by the employer itself, in the form of Direktzusage or direkte 
Leistungszusage, or through an authorized institution. Regardless of the chosen form, the employer 
remains obliged against the employee under the Zusage to satisfy claims under that Zusage 
(Einstandspflicht—Kemper 2003, p. 51). 

53Tt is a pension plan organized and managed by the employer whose agents (directors) play at the 
same time the role of the plan’s trustees (Harpen 1991). 

54 See Art. 75 of the Belgian Act on the control of occupational retirement institutions (Loi relative 
au contrôle des institutions de retraite professionnelle/Wet betreffende het toezicht op de 
instellingen voor bedrijfspensioenvoorzieningen, of 27 October 2006, Moniteur Belge/Belgisch 
Staatsblad, 10 November 2006, p. 60162), http://www.ejustice.just.fgov.be/cgi_loi/change_lg_2. 
pl?language=fr&nm=2006023149&la=F (Last accessed: 22.12.2020). 
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(e) of the Directive 2016/2341/EU, attention should also be drawn to the Italian law 
construction known as trattamento di fine rapporto.” 

Just as insurance undertakings ensure benefits in accordance with insurance 
contracts, institutions for occupational retirement provision, in the understanding 
of the Directive 2016/2341/EU, ensure pension benefits in accordance with the 
pension scheme, defined as “contract, an agreement, a trust deed or rules stipulating 
which retirement benefits are granted and under which conditions” (Art. 6(2) of that 
Directive). On the other hand, the concept of pension scheme does not refer to 
contracts relating to the occupational pension scheme regime but having as their 
subject obligations other than the obligation to provide pension benefits. This relates, 
among others, to contracts the object of which is investment of the entrusted funds 
on capital markets. Such contracts form a part of the activities of entities covered by 
the exclusion under Art. 2(2) letter (b) of the Directive 2016/2341/EU. This refers to 
investment firms as well as undertakings for collective investment in transferable 
securities (UCITS) and companies managing UCITSs. 

The customers of “investment firms” may be, according to section I point 1 letter 
(f) of Annex II to the Directive 2014/65/EU,~° “pension funds and management 
companies of such funds.” Furthermore, under Art. 6(3) letter (a) of the Directive 
2009/65/EC,”” management companies may, by operation of national law of a given 
Member State, be entitled to manage investment portfolios belonging to pension 
funds. 

An institution for occupational retirement provision covered by the norms of the 
Directive 2016/2341/EU may only be such entity against which the financing 
institution’s employees have a claim for the provision of benefit (argument a 
contrario from Art. 2(2) letter (d) of the Directive 2016/2341/EU). Such entity is 
not the institution for occupational retirement provision known to German and 
Austrian laws under the name Unterstiitzungskasse (provident society). In German 
law, Unterstiitzungskasse provides benefits within the framework of occupational 
retirement provision under the contract concluded with the employer or under the 
institution’s statute." Under that relationship, Unterstiitzungskasse acquires against 


55 Trattamento di fine rapporto is, under Art. 2120 of the Italian Civil Code (CC) a special monetary 
provision owed to the employee (il prestatore di lavoro) from the employer because of termination 
of the employment relationship (il rapporto di lavoro subordinato). In practice, Trattamento di fine 
rapporto plays the function of an obligatory form of occupational pension provision (Wesselmann 
2007, p. 49). https://noipa.mef.gov.it/web/mypa/tfr-e-tfs-dei-dipendenti-previdenziale (Last 
accessed: 27.01.2021). 

56 Directive 2014/65/EU of the European Parliament and of the Council of 15 May 2014 on markets 
in financial instruments and amending Directive 2002/92/EC and Directive 2011/61/EU Text with 
EEA relevance (Dz.U. L 173 z 12.6.2014). 

57 Directive 2009/65/EC of the European Parliament and of the Council of 13 July 2009 on the 
coordination of laws, regulations and administrative provisions relating to undertakings for collec- 
tive investment in transferable securities (UCITS) (Text with EEA relevance) (Dz.U. L 302 z 
17.11.2009). 


58 Blomeyer and Otto (2004), p. 521. 
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the employer a claim for the return of the funds expended on benefits.°’ As a result, 
the contract is not accompanied by the transfer of risk.’ As a rule, employees do not 
acquire any claims against Unterstiitzungskasse for the payment of pension benefits. 

Unterstiitzungskasse must be distinguished from Contractual Trust Arrangement, 
i.e., special purpose vehicle established by the employer in performance of obliga- 
tions under Direktzusage with a view to managing the funds provided in trust within 
the framework of occupational retirement provision.°! Contractual Trust Arrange- 
ment undertakes to manage those funds under a contract with the employer by the 
same name. This model is encountered, among others, in German practice.°* 

Pension benefits may be ensured by institutions managing social security 
schemes. Such institutions (“institutions managing social-security schemes which 
are covered by Regulation (EEC) No 1408/71(5) and Regulation (EC) No 987/2009 
(6)”) are covered by the subjective exclusion under Art. 2(2) letter (a) of the 
Directive 2016/2341.°° The concept of social security schemes is explained in Art. 
4(2) of the Regulation 1408/71. 

The ensuring of pension benefits within the framework of social security schemes 
subject to the provisions of the Regulation 1408/71 may be grounded not only in the 
provisions of law. This is indicated by Art. | letter (j), second indent, of the 
Regulation 1408/71. A notification mentioned in that provision was made by 
France.“ Under that notification, the Regulation 1408/71 applies to the operation 
of pension funds (caisses de retraite®°—I pillar of the pension system, régime 
complémentaire) forming a supplementary pension scheme for hired labourers 


>» Ibid, p. 520. 

©°For this reason, no analogy can be drawn between that contract and so-called external self- 
insurance (Externe Selbstversicherung), consisting in the transfer by an entrepreneur of its own 
risks to an insurance undertaking specially created by the entrepreneur (or with its participation), 
known as captive insurance company (Prive 2005, p. 44). 

6! Weigel (2005), p. 1144. 

6? Ibid, pp. 1864-1865. 

©3-This exclusion refers to national institutions of individual Member States of the EU, as defined in 
Art. 1 letter (n) of the Regulation 1408/71. Such institutions are listed in Annex II to the Regulation 
574/72. 

64 Notification of the Government of the French Republic to the Commission of 29 March 1999, OJ 
EC C 215, 28 July 1999, p. 1. 

65 Caisses de retraite are covered by Arts. L-922-1-L-922-3 and Art. L-922-6-L-922-14 Code de la 
sécurité sociale. Under the first sentence of Art. L-922-1, first indent, of that Code, the institutions 
paying out supplementary pensions (complémentaires) are non-profit private law entities fulfilling 
the social mission, administered on parity basis by their members and participants (defined in 
Art. L. 922-2 Code de la sécurité sociale) or by their agents. 
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(ARRCO“) and supplementary pension scheme for management staff (AGIRC®’). 
The source of each such scheme is a collective agreement.” In addition, Caisses de 
retraite pay benefits in respect of accidents at work or occupational diseases. 
Collective agreements are also a source of supplementary pension benefits under 
Danish law.°° 

The exclusion of institutions managing social security schemes tallies, in princi- 
ple, with the exclusion relating to institutions which operate on a pay-as-you-go 
basis (Art. 2(2) letter (c) of the Directive 2016/2341/EU). The essence of pay-as- 
you-go financing (Umlageverfahren, répartition) is the financing of pension benefits 
from contributions paid on an ongoing basis by persons currently professionally 
active.’° This principle, in specific situations, may be subject to modifications. The 
abovementioned caisses de retraite operate on pay-as-you-go basis. However, that 
modus is accompanied by a system of points (systéme de points) based on such 
criteria as the duration of the contributory period and the amount of contributions. 


4.3 Article 1(2) Letter (j) of the Rome I Regulation 
as a Fragment of the Conflict of Laws Issue 
of Occupational Pension Schemes 


The above considerations allow to consider the exclusion under Art. 1(2) letter (j) in 
the context of conflict of laws problems of protection against pension risk. 
Nowadays, the legal instruments of protection against pension risk have ceased to 
be a domain of social security.’' This issue is subject to legal provisions of different 
type.” As a result, it is necessary to demarcate—both in the substantive law and 
conflict of laws dimension—diverse relationships, including in the area of social 
security, employment law, financial markets law, private insurance law” or law of 


°° ARRCO is a federation of 33 institutions supplementing the pension system of the total of 
employees in the private sector of industry, commerce, services, and agriculture, including mana- 
gerial staff. ARRCO’s tasks comprise provision of information to, coordination and control of the 
institutions grouped within ARRCO, as well as collecting statistical and financial data (see www. 
agirc-arrco.fr). 

*’The AGIRC federation supplements the pension system of the managerial staff in the private 
sector of industry, commerce, services, and agriculture. It unites 21 pension funds (see www.agirc- 
arrco.fr, accessed: 15.09.2020). 

68 ARRCO—collective agreement of 8 December 1961 on supplementary pensions, concluded by 
national representative organizations of employers and employees. 

© Bittner (2000), p. 7. 

70 Szubert (1987), pp. 228-229. 

7! Jedrasik-Jankowska (2004), p. 69. 

” Muszalski (2007), pp. 13-15. 

73 Pacud (2006), pp. 46-47. 
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obligations.’* On the level of private international law, the total of norms 
delimiting—in the relations within the framework of legal protection against pension 
risk—the impact spheres of different national legal systems by designating which of 
them should apply may be referred to as conflict of laws law of pension security. 
Such norms comprise both conflict of laws rules of private international law and 
conflict of laws rules of social security law or, in a wider perspective, of social law.” 

The subject of demarcation by means of so understood conflict of laws law of 
social security are miscellaneous sets of public law and private law norms. Their 
delimitation is a difficult task. It has been noticed in literature that “public law and 
private law border one another in a distinguishable but inseparable manner.””° 

The justification of the exclusion under Art. 1(2) letter (j) is the fact that the 
contractual obligations in question make a source of pension benefits supplementary 
to the basic pension under the statutory system of pension security (I pillar of the 
pension system). Non-inclusion in that exclusion of contractual obligations under 
Direktzusage, as prescribed in German law, or similar legal constructions is an effect 
of a strict connection of such obligations with the basic relationship. This connection 
is reflected in the conflict of laws qualification of the obligations. However, one may 
wonder why Art. 1(2) letter (j) does not refer to insurance contracts concluded with 
insurance undertakings within the framework of occupational pension insurance. 
Such contracts are also intended to supplement the basic pension from the statutory 
pension security system. The ensuing insurance relationship (cover relationship) is, 
in large measure, determined by the cash relationship, as in the case of the cover 
relationship involving occupational pension funds. Insurance contracts concluded 
with insurance undertakings within the framework of occupational pension insur- 
ance were, however, treated in the Rome I Regulation in the same way as other 
insurance contracts. 


74 See the judgment of the French Cassation Court (Cour de cassation) of 24 February 2004 in the 
case République fédérative du Brésil c. Mme L. de Azevedo Werneck—Revue Critique de Droit 
International Prive 2005, pp. 62-64. The Court acknowledged compensatory liability of the 
Brazilian state as employer for the losses incurred by an employee delegated to work in France 
because of failure to register the employee for statutory social insurance. See also the glossator’s 
comments on the interpenetration in the area of social insurance between relationships of public 
(vertical dimension) and private law (horizontal dimension)—d’ Avout (2005), pp. 65—67. https:// 
journals.openedition.org/nuevomundo/66375 (Last accessed: 27.01.2021). 

™ Bichenhofer (1994), p. 2. This means that the conflict of laws law of pension insurance belongs 
neither exclusively to private international law nor exclusively to international social law. 


76 Richenhofer (1987), p. 22. 
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4.4 Article 1(2) Letter (j) as Fragment of the Conflict of Laws 
Regime of Protection Against Accidents at Work 
and Occupational Diseases 


Article 1(2) letter (j), to the extent it refers to benefits in respect of occupational 
disease or accident at work, reaches beyond the conflict of laws issue of occupational 
pension schemes. 

Accident at work or occupational disease may cause interruption or limitation of 
gainful activity, resulting not only in the acquisition of the right to benefits from 
occupational pension schemes but also of the right to benefits on other grounds. It is 
the case since accident at work or occupational disease may lead to an increase of 
financial needs which is unrelated to pension risk. 

As in case of pension risks, risks of accidents at work or occupational diseases are 
governed by legal norms of various type. In consequence, it becomes necessary to 
demarcate diverse relationships, including relationships in the area of private insur- 
ance law,” social security, employment law and law of obligations. In the conflict 
of laws context, the total of norms delimitating—in relationships within the frame- 
work of legal protection against the risks of accidents at work and occupational 
diseases—the impact spheres of different national legal systems, by designating 
which system should apply, may be referred to as conflict of laws law of protection 
against accidents at work and occupational diseases. 


4.5 The National Conflict of Laws Rule on the Law 
Applicable to the Contractual Obligations Covered by 
the Exclusion Under Art. 1(2) Letter (j) 


In the conflict of laws law of the insurance contract, the insured party’s claim against 
the insurer is, as a rule, subject to the law applicable to the insurance contract. The 
same guideline should be followed in relation to employee claims against institutions 
for occupational retirement provision under the “insurance contract” in the under- 
standing of Art. 1(2) letter (j). According to the position expressed in German 
doctrine, the relation between the entitled employee and Pensionsfonds is subject, 
as “subordinate legal relationship” (dienendes Rechtsverhdltnis), to the law applica- 
ble to the “principal legal relationship” (hauptsdchliches Rechtsverhdiltnis), i.e., 


7 Risks of accidents at work or occupational diseases may be covered a voluntary or compulsory 
insurance contract concluded with an insurance undertaking (Gasińska 2003, pp. 212-213, 
218-219). 

78Risks of accidents at work or occupational diseases may also be covered by the objective scope of 
the social security system. 
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relationship forming the basis of occupational pension (Recht der 
Betriebsrentenbeziehung).”” 

Legitimacy of that position raises doubts. It must be admitted that the contract 
concluded by the employer with Pensionsfonds remains in connection with the 
principal contract between the employer and the employee. In German and Austrian 
laws this connection is stronger because the choice by the employer of the imple- 
mentation of an occupational pension scheme in the form of Pensionsfonds does not 
relieve the employee from its obligations vis-a-vis employees under the employer’s 
own promise of benefit (Einstandspflicht). The employer’s promise to employees 
forms a constituent element of every form of occupational pension scheme.*? 

The terms “employed person” and “undertaking” (“employer’—in the subjective 
sense) used in Art. 1(2) letter (j) constitute primary (entry) questions.”! The law 
relevant to their evaluation is the law designated by the national conflict of laws 
norm on the law applicable to life situations covered by Art. 1(2) letter (j). Provisions 
that may be given effect in such manner are norms clarifying the term “employed 
person,” deviating from its meaning in employment law and in social security law. 

Example is provided by German law. Under § 17(1) BetrAVG, first sentence,*” 
employees (Arbeitnehmer) are blue collar workers (Arbeiter) and white-collar 
workers (Angestellte), including persons hired for professional training (die zu 
ihrer Berufsausbildung Beschiiftigten).®* Under the second sentence of that provi- 
sion, BetrAVG norms apply respectively to persons other than employees if they 
have been promised benefits in consideration of their activities for the undertaking. 
The group of such persons includes, among others, Geschäftsführer in a limited 
liability company (GmbH).** 


5 General Rules of the Definition of the Country in Which 
the Risk Is Situated (Art. 13(8) Letter d(i) and Art. 
13(14) of the Directive 2009/138 in Connection with Art. 
7(6) Rome I 


The concept of legal person in the understanding of Art. 13(8) letter d(i) and Art. 13 
(14) of the Directive 2009/138 with the expression: “companies and other bodies, 
corporate or unincorporated” in the understanding of Art. 19(1) Rome I, first indent. 


™ Bohne (2004), p. 158. 
®°Blomeyer and Otto (2006), p. 80. 
8! On primary (entry questions)—Pazdan (2008), p. 63. 


82 Gesetz zur Verbesserung der betrieblichen Altersversorgung (https://www.gesetze-im-internet. 
de/betravg access:15 September 2020; hereinafter also BetrA VG). 


83 Kemper (2003), p. 43. 
84 Bohne (2004), p. 96. 
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In autonomous qualification of that concept, one should use the experience of 
judicial practice against the background of Art. 4(2) of the Rome Convention.*° 

One should address critically the proposal of clarifying the concept of “establish- 
ment, to which the contract relates” in the understanding of Art. 13(8) letter d(i) of 
the Directive 2009/138 by the definition of “establishment” in Art. 13(12) of the 
Directive 2009/138.°%° Such interpretation is illegitimate since that definition refers 
expressis verbis to the insurer’s establishment. This was confirmed by the CJEU in 
the judgment in the case Kvaerner.*’ “Establishment to which the contract relates” 
should be understood as organizational unit of the policyholder to whose activities 
the risk covered by the insurance contract relates.** The seat of the establishment to 
which the insurance contract relates is the place where such unit has its centre of 
activities.*’ At the same time, it is not required that such unit have its own agents or 
the capacity to conclude contracts.” 

For conflict of laws rules under Art. 7, the term “establishment” should also cover 
a daughter company, i.e., legal entity separate from the mother company in a 
situation when the mother company insures the risks relating to operations of the 
daughter company. This conclusion is grounded in the justification of the CJEU 
judgment in the Kvaerner case. The CJEU included in the concept of establishment, 
in the understanding of the last indent of Art. 2 letter (d) of the Directive 88/357 
(Present: Art. 13(13) letter d of the Directive 2009/138), all companies belonging to 
a given capital group if one of those companies concludes an insurance contract for 
the others.°! The CJEU inferred that the purpose of the Directive’s provision is, in 
particular, to establish a general rule specifying the place in which a given economic 
risk is situated when the risk does not relate to a building, vehicle or travel (specific 
tules of the definition). In the same way, the provision, in CJEU’s opinion, refers to 
the place where the activities are pursued to which the risk covered by the contract 
relates. Therefore, in the Court’s opinion, the provision uses the criterion of 


85 Spickhoff (2003), p. 2464 (“gemeint ist jede Personenvereinigung oder Vermégensmasse, die 
sich vertraglich verpflichten kann”). 


8° Gruber (1999), p. 49. 

87 Case C-191/99. According to paragraph 35 of the justification of that judgment, “the definition of 
‘establishment’ in Article 2(c) of the Directive therefore relates only to the establishment of an 
insurance company.” 

88In German: risikoträchtige Teilorganisation—Kramer (1995), p. 161. 


®° Broad understanding of the term “undertaking” (within the meaning associated above with the 
term “establishment”) of the policyholder in the definition of the country where the risk is situated, 
was adopted by the law of the United Kingdom. Regulations 2001 (The Financial Services and 
Markets Act 2000: https://www.legislation.gov.uk/ukpga/2000/8/contents), by defining A’s estab- 
lishment as: (a) seat of A’s management; (b) each of A’s agencies; (c) each of A’s branches; (d) any 
permanent presence of A in a member state of the EEA, which does not have to take the form of 
agency or branch and which may consist in having an office managed by A’s personnel or by a 
person independent of A who, however, has been permanently authorized to act on A’s behalf as 
though he was A’s agent (Dicey et al. 2006, p. 1718). 


OCF, Martiny (2004), p. 133. 
°! Kropka (2010), p. 112. 
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policyholder’s habitual residence and the criterion of domicile of the policyholder’s 
establishment to which the contract relates (paragraph 46). Moreover, The CJEU 
pointed out (paragraph 54) that the presented interpretation of the term “establish- 
ment” in the understanding of the last indent of Art. 2 letter (d) of the Directive 
88/357 (Present: Art. 13(13) letter d od the Directive 2009/138) is confirmed by the 
statement of the Insurance Committee on the interpretation of that rule. The state- 
ment reads that “if a single insurance contract covers risks relating to the 
policyholder’s daughter companies or establishments, the location of different 
risks covered by the contract must be established individually for each risk, 
according to the provisions of Art. 2 letter (d) of the Directive 88/357 (Present: 
Art. 13(13) letter d of the Directive 2009/138), especially the last indent of that 
provision, and norms of Art. 2 letter (e) of the Directive 90/619 (Present: Art. 13 
(14) of the Directive 2009/138).” 

Article 19 may also be of help in the evaluation of situations where the insurance 
contract relates to a legal person as a whole or where it is impossible to unambig- 
uously associate the contract with the legal person’s specific establishments.” In 
such cases, the criterion of the place of policyholder’s central administration should 


apply.” 


6 Law Applicable in the Absence of Choice of Law (Art. 
7(2), Second Indent Rome I) 


The impact of corporate law is apparent in the establishment of the law applicable to 
the insurance contract in the absence of choice of law. Much importance for the 
delimitation of scopes of the abovementioned conflict of laws rules attaches to the 
determination if, as a part of qualification of the expression “in the course of the 
operations of a branch, agency or any other establishment of the insurer,” one should 
consider Art. 145 of the Directive 2009/138 clarifying the concept of establishment 
of an insurance undertaking. Under that provision, “any permanent presence of an 
undertaking in the territory of a Member State shall be treated in the same way as a 
branch, even where that presence does not take the form of a branch, but consists 
merely of an office managed by the own staff of the undertaking or by a person who 
is independent but has permanent authority to act for the undertaking as an agency 
would.” 

Consideration of Art. 145 of the Directive 2009/138 requires to assume that in the 
absence of choice of law an insurance contract concluded by an insurer present in the 
territory of a given Member State not in the form of agency or branch but in “an 


°? As an example, one can take a D&O (Directors & Officers) insurance contract concluded by a 
company for a member of its management board. 


Bull (2019), pp. 23-27. 
°4See Bigot (1989), pp. 25-27, 34; de Meireles (2020), pp. 141-152. 
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office managed by the undertaking’s own staff or by a person who is independent but 
has permanent authority to act for the undertaking as an agency would” shall be 
subject to the law of that Member State. This means that the law applicable to the 
contract will generally be the law of the country to which the policyholder’s vital 
interests are connected. By contract, a contrary conclusion leads to the submission of 
the contract to the law of the country where the insurer’s central administration is 
domiciled, or the insurer’s establishment to whose activities the contract relates. 
Such qualification result will generally favor, in the discussed situations, the conflict 
of laws interests of the insurer. The argument for considering Art. 145 of the 
Directive 2009/138 as a part of qualification of the expression “in the course of the 
operations of a branch, agency or any other establishment of the insurer” is the CJEU 
judgment in the case Kvaerner (C-191/99). The Court, by invoking its previous 
findings in paragraph 21 of the judgment in the case Commission v. Germany 
(205/84), concluded that Art. 3 of the Directive 88/357 (Present: Art. 145 of the 
Directive 2009/138) expands the scope of the concept “agency and branch” in the 
understanding of Art. 2 letter (c) of that Directive (paragraph 39) (Present: Art. 13 
(12) of the Directive 2009/138). It must be noted that transposition of that finding to 
the qualification of the expression “branch, agency or any other establishment of the 
insurer’ opens a breach in the uniform understanding of the term “establishment” in 
the provisions of the Rome I Regulation.” 

The status of the insurer’s establishment should not be referred to daughter 
companies. The same position was assumed by the CJEU in the judgment in the 
case Kvaerner in respect of interpretation of the term establishment in the under- 
standing of Art. 2(c) of the Directive 88/357 (paragraph 41) (Present: Art. 13(12) of 
the Directive 2009/138). 

The above opinion is confirmed by a judgement of CJEU in the case A Ltd,”° the 
first subparagraph of Article 157 (1) of Directive 2009/138/EC of the European 
Parliament and of the Council of 25 November 2009 on the taking-up and pursuit of 
the business of Insurance and Reinsurance (Solvency II), as amended by Directive 
2013/58/EU of the European Parliament and of the Council of 11 December 2013, 
read in conjunction with Article 13 (13) of Directive 2009/138, must be interpreted 
as meaning that, when an insurance company established in a Member State offers 
insurance covering the contractual risks associated with the value of the shares and 
the fairness of the purchase price paid by the buyer in the acquisition of an 
undertaking, an insurance contract concluded in that context is subject exclusively 
to the indirect taxes and parafiscal charges on insurance premiums in the Member 
State where the policyholder is established. 


°> Bull (2019), pp. 23-27. 
°© Judgment of the Court (Sixth Chamber) 17 January 2019, C-74/18. 
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Lege non distinguende, the connector of domicile of a branch, agency or other 
establishment of the insurer will apply when no law has been chosen, regardless of 
whether the activities of the establishment are separated from the operation of the 
headquarters or if they fit into the latter’s operation. However, in each of those two 
situations, the connector of seat of the insurer’s establishment leads to different 
consequences. Description of such consequences calls for a discussion of the 
doctrine of the law applicable to the place of pursuing insurance activities 
(Betriebsstatut). 

The doctrine of law applicable to the place of pursuing insurance activities was 
created and developed within Savigny’s classical school, centring the objectives of 
private international law around designation of a legal relationship’s “seat.” In 
academic literature, it was explained why in case of insurance contracts the place 
to be considered the “obligation’s seat” (Sitz der Obligation) should be the place of 
pursuing insurance activities (Ort des Betriebs der Versicherung).’’ This conception 
gained the dominant status.”® It requires treating the total of identical insurance 
contracts concluded by the same insurer as an economic whole.” A necessary 
condition is to legally frame, in a uniform manner, all insurance contracts covering 
a specific type of risk. Otherwise, the insurer will not have a uniform operating plan 
as the basis for the insurer’s insurance activities. '°° As a result, the “seat” of the legal 
relationship is the country of pursuing insurance activities, as the place in which 
many individual legal relationships are integrated into one insurance portfolio 
(Versicherungsbestand'°'), into a single community of risks 
(Gefahrengemeinschaft'°”). Uniform legal assessment of the total of contracts con- 
cluded by a given insurer allows the insurer to pursue activities, which is not without 
impact on the protection of insurance interests. 

The place where insurance activities are pursued is, generally, the insurer’s seat 
(Sitz des Versicherers).'°? However, if the insurer has opened an establishment 
abroad (Niederlassung), the “seat” of legal relationship for contracts concluded as 
a part of operation of that establishment is its seat. The law applicable to the 
establishment’s seat (Statut der Niederlassung) supersedes, on such occasions, the 
law applicable to the place of pursuing insurance activities (Betriebsstatut).'* It was 
argued in literature that, in such context, establishment is understood as an 


Bruck (1924), p. 11. 

°8 Reichert-Facilides (1976), p. 1028. 
°° Richter (1980), p. 70. 

100 Bruck (1924), p. 10. 

101! Keller (1962), pp. 16-17. 

102 See Sieg (1971), pp. 45—46. 

103 Richter (1980), p. 79. 

14 Bruck (1924), p. 12. 
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organizational unit appointed to handle a national insurance portfolio.'°* Authors 
indicate that the designation of law relevant to the seat of an insurer’s establishment 
is not substantiated by the nature of insurance activities as such.'°° If an establish- 
ment may undertake activities under (as a part of) the operating plan of the head- 
quarters, it is not necessary to deviate from the principle of applying the law of the 
country of the insurer’s domicile.'°’ These are the requirements of insurance 
supervision legislation that may necessitate deviations from the rule designating 
the law of domicile of the insurer’s headquarters in favour of the law applicable in 
the country of the insurer’s establishment.’ De lege lata, operations of an estab- 
lishment created in one Member State of the European Union by an insurer whose 
central administration is seated in another Member State are subject to supervision of 
the Member State of origin. The operating plan of such establishment may, but does 
not have to, make that establishment an enterprise separated in technical and 
organizational means from the headquarters. 

In the light of the above, relevance of the law of the country of the insurer’s 
establishment (Art. 7(2), second indent, in conjunction with Art. 19(2)) is not in 
conformity with the doctrine of the law applicable to the place of pursuing insurance 
activities inasmuch as the law of the country of the insurer’s establishment will apply 
in situations when the establishment has not been separated in technical and orga- 
nizational terms from the headquarters. Correction of the result of designation of 
applicable law is possible only within the limits of the second sentence of Art. 7(2), 
second indent.'°” 

The abovementioned inconformity affects the insurer’s cross-border activities 
pursued in the form of establishment which has not been separated from the 
headquarters in technical and organizational terms.'!° From the point of view of 
such insurer, significance attaches to the unlimited choice of law. Taking advantage 
of such possibility, the insurer may submit insurance contracts concluded by an 
establishment to the law of the same country which governs identical contracts 
concluded as a part of the headquarters. Without offering such possibility, private 
international law would lead to an actual separation of the establishment from its 
headquarters. 


105 Richter (1980), p. 80. 

106 Roth (1985), p. 343. 

107Cf, Richter (1980), p. 72. 

108 Prélls and Martin (2010), p. 204. 
10 Roth (2004). 
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8 The Influence of Corporate Law and Public Law 
on the Ratio Legis of the Regime Under Art. 7(3), First 
and Third Indents, of the Rome I Regulation 


It must be noted that the contemporary private international law of the insurance 
contract, to the exclusion of insurance contracts covering a large risk, is intended to 
offer twofold protection: of the policyholder by applying the law of the country in 
which the centre of the policyholder’s activities is situated (Umweltrecht),''' and of 
insurers’ equal chances in their efforts to attract customers. The need for conflict of 
laws protection of such interests is a consequence of current market conditions in the 
European Union. Such conditions are determined, first, by the missing harmoniza- 
tion of law on the insurance contract and, second, by the harmonized terms of 
pursuing insurance activities in the Community. Under the model approach, the 
need for such protection is directly proportional to the level of policyholders’ (and 
insured parties’) protection, as provided in the given national legislation and, in 
consequence, to the level of costs of pursuing insurance activities in that national 
market. This statement supports a compromise in the conflict of laws context, which 
would consider, on one hand, the need to protect policyholders and the need to 
protect insurers from undue distortions of competition and, on the other one, the 
need to realize the Community freedoms, especially the freedom to provide services. 
The uniform market lies, in particular, in the interest of insurers domiciled in those 
Member States whose law offers a relatively low level of policyholder protection. 
Such insurers would aspire—in the conditions of uniform market—to submit the 
total of their insurance contracts concluded by their foreign establishments to the law 
of one country, i.e., the country of their domicile.!!” 


9 Overriding Mandatory Provisions as Instrument 
Protecting the “Weaker Party” to an Insurance Contract 


It is argued in the doctrine that insurance law is “indeed a textbook example of a 
legal discipline in which legislators use mandatory provisions.” It should be no 
surprise that legislators are accustomed to treating the norms they enact as manda- 
tory rules also with regard to relationships involving a foreign element. Their 
expectation was partly met by the Community lawmaker at the stage of drawing 
up the Rome I Regulation. The discussed piece of legislation envisaged the possi- 
bility to give effect to legal provisions from outside the contract statute, which may 
derive from the law of the forum (Art. 9(2)) or from the country of performance of 
the contract (Art. 9(3)), as long, however, as such provisions make an important 


"Roth (1985), p. 357. 
112 See Roth (1985), p. 365. 
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element of public interests protection.''* The two most important (so far) European 
court decisions relating to the discussed subject matter are the cases: C-369 and 
376/96 Arblade''* and C-381/98 Ingmar.''° The difference in terms of rationes 
decidendi of those judgments of the Court of Justice illustrates the difference 
between approaching mandatory rules merely as norms serving the protection of 
public interests of the state, such as political social or economic organization 
(Arblade), and a wider conception covering also norms intended to protect private 
interests (Ingmar). At this point, it is worth noting that the difference between 
specific norms whose application was considered in both factual situations was not 
huge. In the Ingmar case, the rule at stake was the provision granting an agent the 
right to receive commission on a contract concluded after the termination of the 
agency agreement where the proposal of concluding the contract was received by the 
principal or the agent prior to the termination of the agency agreement. On the other 
hand, the Arblade case related to non-application of the provisions of Belgian 
employment law in respect of: retaining employment records, payment of minimum 
wage, monitoring of labor conditions, including occupational health and safety. 
Protection of employee and agent has a common axiological source in the concept 
of so-called weaker party to contractual relationships. Undoubtedly, the Ingmar case 
referred to norms giving rise to a private law claim and the Arblade case to public 
(employment) law norms, both sanctioned and sanctioning ones. However, I con- 
sider it disputable if the norms are important enough, from the point of view of the 
Belgian state, to fulfil the demanding normative pattern under Art. 9(1) of the Rome I 
Regulation. It seems that in examining if a given provision of the Member State is 
intended to protect public interests in the understanding of Art. 9(1) of the Rome I 
Regulation, it will be possible to apply by analogy the methods of interpretation 
developed in German science in the context of § 823(2) Bürgerliches Gesetzbuch,''® 
allowing to establish if a given norm is protective and, secondarily, what type of 
interests (public or only private) it protects. ur Overriding mandatory provisions not 
only have to realize the abovementioned public interests but also apply to factual 
situations covered by their scope regardless of what law is applicable to a given legal 
relationship. The question if overriding mandatory provisions are to be applied 
irrespective of the proper law is generally decided by lex fori (it is different in case 
of so-called foreign rules). The fact if they are indeed overriding follows either from 
the express wording of the provision (textual interpretation) or from other interpre- 
tation methods. That said, the former type of situations will be rare. 'S Since this is a 
matter of other interpretation methods, a question arises—according to what criteria 


113 More on overriding mandatory provisions Pilich (2012), pp. 374-380. 
114 Case C-376/96 Arblade and Leloup. ECR 1999 Page I-08453. 

115 Case C-381/98 Ingmar versus Eaton. ECR 2000, p. I-9305. 

116 See http://www.gesetze-im-internet.de/bgb/ [Accessed: 2.10.2019]. 


117C.f. broadly on the subject: Mataczyński (2011), pp. 97-104 and the ample German literature 
cited therein against the background of § 823(2) BGB. 


118C,f. Mataczyriski (2005), p. 50. 
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interpretation should proceed. At this point, a significant scope of discretion is open 
for interpreters. 

The starting point for the considerations on the scope of application of the law of a 
given country is the principle of territorial application of the country’s law.'!? In 
purely general terms, it boils down to the recognition of the legislative competence 
of the state within the area of its sovereignty, understood as actual dominion. Private 
international law is an exception to that principle, justified at the ratio legis level by 
the aspiration to ensure protection to rights acquired under foreign legal systems, to 
ensure fair resolutions or to maintain good international cooperation (comity),'*° or 
even by an international law obligation of the state.'*! This exception—which is 
indisputable—is thetically justified by the binding force of proper regimes of 
national conflict of laws statutes, unifying legislation, in particular, bi- and multilat- 
eral international treaties or secondary legislation of regional integration organiza- 
tions, especially ones which are crucial from our perspective of EU regulations. 
According to the opinion dominant in European doctrine, the mechanism of apply- 
ing mandatory norms was explained by the conception of so-called latent conflict of 
laws rule.'*? In the light of that opinion, the basis for operation of overarching 
mandatory rules is an unwritten, hidden in the contents of substantive law pro- 
visions, unilateral conflict of laws norm which makes lex specialis in relation to the 
complete conflict of laws norm relevant to a given type of situation.'** This 
conception is based on the universalist assumption of application of private interna- 
tional law (i.e., every act of applying law relies on a conflict of laws rule, however, in 
purely internal matters this procedure is unconscious). I have been of the opinion'** 
that the problem of international mandatory rules may be approached as if from the 
other side, without the need to always rely on the latent conflict of laws rule, by 
regarding the application of substantive law norms of a given state as “return” to the 
basic territorial principle.'?° 

By definition, overriding mandatory provisions stand in opposition to the proper 
law. This is the case since they are provisions which are effective beside the statute 
relevant for the evaluation of a given obligation.'*° Any decision concerning 
recognition of a given norm as an overriding mandatory provision necessitates a 
case-to case evaluation of the particular state of affairs, and the analysis of legal 
provisions should, as such, have a “functional” character. !?” 
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It is settled case law of the Court that it is, in that context, for the national court, in 
the course of its assessment of whether the national law which it proposes to 
substitute for that expressly chosen by the parties to the contract is a “mandatory 
tule,” to consider not only of the exact terms of that law, but also of its general 
structure and of all the circumstances in which that law was adopted to determine 
whether it is mandatory in nature in so far as it appears that the legislature adopted in 
it order to protect an interest judged to be essential by the Member State 
concerned.'** This opinion corresponds with the position taken by the CJEU 
according to which article 16 of Regulation (EC) No 864/2007 of the European 
Parliament and of the Council of 11 July 2007 on the law applicable to 
non-contractual obligations (Rome II) must be interpreted as meaning that a national 
provision, such as that at issue in the main proceedings, which provides that the 
limitation period for actions seeking compensation for damage resulting from an 
accident is three years, cannot be considered to be an overriding mandatory provi- 
sion, within the meaning of that article, unless the court hearing the case finds, based 
on a detailed analysis of the wording, general scheme, objectives and the context in 
which that provisions was adopted, that it is of such importance in the national legal 
order that it justifies a departure from the law applicable, designed pursuant to 
Article 4 of that regulation. Article 27 of Regulation No 864/2007 must be 
interpreted as meaning that Article 28 of Directive 2009/103/EC of the European 
Parliament and of the Council of 16 September 2009 relating to insurance against 
civil liability in respect of the use of motor vehicles, and the enforcement of the 
obligation to insure against such liability, as transposed into national law, does not 
constitute a provision of EU law which lays down a conflict-of-law rule relating to 
non-contractual obligations, within the meaning of Article 27 of that regulation. "° 

At this point, it should be noted that the doctrine of private international law 
makes a consequent distinction between lois de police “de direction” and lois de 
police “de protection” (lois de police protectrice),'*° the equivalents of which in the 
German-language literature are Eingriffsnormens i Parteischutzvorschriften. The 
former protect public interests of the state. These may include provisions regulating 
supervision over insurance activities or imposing the requirement of compulsory 
insurance of a business. The latter restore the equilibrium between the parties to the 
contract and protect the weaker party (policyholder, insured party, injured per- 
son). "°" It is legitimate to treat both groups of situations separately, i.e., apply widely 
the construction of overriding mandatory rules in relation to consumer insurance; on 
the other hand, in case of entrepreneurs possible refusal to apply foreign norms 
compromising the protective principles of German insurance law should be based on 
the public policy clause. The proposed division into norms protecting public 
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interests (being the content of “overriding mandatory rules”) and norms protecting 
merely individual interests (which should be eliminated a priori from the scope of 
the discussed concept) seems very attractive from the point of view of European law. 
It is supported especially by the quite rigorous wording of Art. 9(1) of the Rome 
Regulation, referring to state interests. It is not excluded that the status of “overriding 
mandatory provisions” can be assigned to national law norms intended to protect 
collective policyholder interests under Art. 9 of the Rome I Regulation. '* 

In French judicial practice, a liberal approach is outlined on overriding mandatory 
provisions in cross-border relationships. It is assumed that both provisions enacted in 
the interest of the state (lois de police de diréction) and provisions which protect 
individual interests (lois de police protectrice) may potentially amount to overriding 
mandatory provisions. By way of example, norms governing the language of an 
insurance contract are perceived as such overriding mandatory rules. It is indicated 
that provisions which implement the principle prohibiting the insured party’s enrich- 
ment (rules on the consequences of over-insurance or “multiple” insurance) may also 
count as overriding provisions.'** The status of overriding mandatory provisions 
may also be granted to rules which prohibit insurance of certain specific types of risk. 
The function of such provisions may be performed by norms containing general 
clauses to be applied by national insurance supervision authorities while permitting 
introduction of new insurance types on the domestic insurance market.'** As a 
result, if a given norm protects both public and private interests, it may be recognized 
in a particular case—as long as the other prerequisites are met—as an overriding 
mandatory provision in the understanding of Art. 9 of the Rome I Regulation. 
Moreover, in the case law of the Court of Justice, one may speak of liberal 
interpretation of overriding mandatory provisions. It is pointed out that provisions 
protecting the weaker party from abusive contractual clauses are enacted in the 
public interest.'*° 

A good illustration of the application of the discussed type of provisions is the 
decision by the French Court of Cassation of 2 October 2009,!°° based on a state of 
affairs in which a company incorporated under the laws of France entrusted the 
execution of maintenance works to an entity using materials supplied by their 
Belgian manufacturer. As a result of detachment of one of the structural elements, 
the orderer was injured. The ordering party brought the case before a French court 
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for compensation against the contractor. The defendant requested that the manufac- 
turer and the latter’s insurer be called on to join the proceedings as entities against 
which the defendant had a guarantee claim.'*’ In the course of the process, the 
insurer invoked a clause limiting its liability which had been stipulated in the civil 
liability insurance concluded between the insurer and the manufacturer. That solu- 
tion was in conformity with Belgian law, which governed the insurance contract. 
The essence of the dispute brought before the Court of Cassation boiled down to the 
decision if in the depicted state of affairs Art. 113-1 of the French Insurance Code!** 
could be given effect as an overriding mandatory provision. According to the 
interpretation line adopted in case law with regard to the relatively unfortunately 
formulated first sentence of Art. 113-1 of the Insurance Code,!* ? the insurer is liable 
for damages caused by mishap or reasons attributable to the insured person unless 
the insurance agreement expressly provides for exemptions of the insurer’s liability 
which are rendered precisely enough to permit their understanding without any 
special interpretative endeavors'“° and which are of “exceptional” character in the 
sense that they may not result in excessively far-reaching limitation of the scope of 
insurance protection or affording protection which is merely illusory.'*! The Court 
of Cassation reached the conclusion that in the examined case Art. 113-1 of the 
Insurance Code should have been applied as an overriding mandatory provision, and 
on that basis the insurer should have been refused the right to invoke the contractual 
clause limiting the its liability. Such recourse to French legislation was considered 
justified although the insurance contract was concluded in the territory of Belgium 
by a company incorporated under Belgian law with an insurer of the same domicile 
and the liability of the contracting parties was derivative from the liability of the 
contractor. It is symptomatic that the Court of Cassation did not accept the argument 
raised by the insurer that an obstacle to the application of Art. 113-1 of the Insurance 
Code was the fact that the provision was intended only to protect individual interests 
and did not strive to protect the public interest in any way. In the justification of the 
discussed judgment, it was highlighted that the exclusion of liability stipulated in the 
insurance agreement amounted to an excessively far-reaching restriction of insur- 
ance protection as compared to the principal function which was to be fulfilled by the 
insurance contract.'** 

In a judgment, dated 5 March 2013, the Periguex Court of First Instance held that 
the provisions of Article L121-10 of the French Insurance Code relating to the 
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automatic transfer of property insurance in case of sale of the covered good 
amounted to an overriding provision of French insurance law. The court therefore 
disregarded English law, which was provided for in the insurance policy underwrit- 
ten between an English national and an English insurer to cover a building in France, 
which provides that the policy is automatically terminated in case of sale of the 
covered good.'** 

An analysis of the written justification of the ruling gives rise to the conclusion 
that the application of the conception of overriding mandatory provisions was to 
produce the desired substantive law outcome. Following the conclusions of such 
analysis, it seems that that provisions with the features of lois de police protectrices 
which could be potentially recognized as overriding mandatory provisions include 
insurance law rules intended to protect the policyholder and the insured party and to 
prevent negative consequences of the inequivalent position of the parties to an 
insurance contract. However, a reservation should be made that the foregoing refers 
to provisions which serve the purpose of preserving the essence of the insurance 
contract or its principal functions, including predominantly the function of insurance 
protection. Overriding mandatory provisions, by defending specific legislative 
objectives, are to ensure the substantive law outcome desired from the point of 
view of lex fori, and not to level the differences between particular systems of 
national law. Consequently, an intervention is probable by provisions which express 
the fundamental principles of insurance law, including the good faith principle based 
on mutual loyalty between the parties to an insurance agreement!“ and the principle 
of compensation“? in a situation where these are not cherished by lex causae. Parties 
to an insurance contract should consider the possibility of effect being given to legal 
provisions imposing the requirement of the insured person’s consent to the com- 
mencement of insurance protection granted under a life insurance. In case of artificial 
intelligence, we may have to do with provisions which should apply regardless of the 
law applicable to a given relationship. One example are traffic accidents caused by 
autonomous vehicles. Such provisions are given effect beside the law relevant to the 
relationship. Those are overriding mandatory provisions.'*° For example, some 
French scholars declare that only the following provisions should be considered as 
overriding mandatory provisions: (a) Article L310-2 of the French Insurance Code, 
which provides that insurance contracts with insurers not licensed in France are null 
and void; (b) Article L113-1 of the French Insurance Code, which condemns willful 
misconduct; (c) the general rule, which prohibits criminal liability insurance; 
(d) Article L113-6 of the French Insurance Code, which prohibits the unilateral 
termination of policy in the event of bankruptcy od liquidation of the insured; (e) the 
principle that benefits of the policy cannot exceed the insured’s loss.'*” Part of the 
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Italian legal literature pointed out examples. At first example might be rules states 
have adopted to assure the preservation of the “indemnity character” of insurance 
contracts. The need to avoid that insurance contracts can change from a private 
system of indemnity from risks to a mean for profit seems to fall with the definition 
of those rules that define the social and economics shapes of a country. If insurance 
contracts were—for the policyholder or the beneficiary—to become means for 
profits, it could be believed policyholders and beneficiaries would be induced to 
somehow favour the occurrence of the event they seek relief from, with negative and 
detrimental consequences, for example, in the field of life insurance. A second 
example, already discussed in the legal literature, might concern those substantive 
insurance law rules limiting the insurer’s dominating position in the insurance 


contract. ii 


10 The Application of “Specific Provisions” Relating 
to a Given Compulsory Insurance (Art. 7(4) Letter 
(a) of the Rome I Regulation)—Public Law Aspects 


Key importance for the understanding of the normative content the first sentence of 
Art. 7(4) letter (a) of the Rome I Regulation attaches to the question if the “specific 
provisions” mentioned in that provision are rules mandatorily applied in the conflict 
of laws sense or overriding mandatory provisions. At this point, one should be 
guided by the criterion of the conflict of laws basis for application of the provisions 
given effect beside the law generally applicable to the contract. 

The answer to that question is problematic. The source of doubts is the structure 
of Art. 7(4) letter (a), first sentence. The hypothesis of first sentence of Art. 7(4) letter 
(a) is that the law of a Member State of the European Union imposes in reference to a 
specific type of insurance the obligation to insure. The disposition is the requirement 
that the parties to the insurance contract follow “specific provisions” on that com- 
pulsory insurance type as provided for in the EU Member State whose law prescribes 
the obligation to insure. In addition, the discussed norm has a sanction in the form of 
finding an insurance contract which does not comply with the “specific provisions” 
as non-complying with the insurance obligation. This makes the norm a blanket 
provision, introducing negative legal consequences of acts which do not comply 
with very generally named provisions of law. Such rules are “specific provisions 
relating to that insurance.” 

It must be resolved if the first sentence of Art. 7(4) letter (a) contains, beside a 
norm of unified substantive law, a conflict of laws rule requiring to apply “specific 
provisions relating to that insurance” as provisions mandatorily applied in the 
conflict of laws sense or if the expression “specific provisions relating to that 
insurance” should be referred to overriding mandatory rules. 
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The source of problems in the establishment of the conflict of laws nature of the 
“specific provisions” referred to in the first sentence of Art. 7(4) letter (a) is also the 
relation of the discussed norm with the provisions of the Directive 88/357 (Present: 
Directive 2009/138). Namely, Art. 8(2) of the Directive 88/357 (Present: Art. 179 
(2) of the Directive 88/357) is supplemented by Art. 8(5) letter (a), first indent, of the 
Directive 88/357 (Present: Art. 179(5) letter a of the Directive 2009/138). Under that 
provision, “Member State shall communicate to the Commission the specific legal 
provisions relating to that insurance.” It follows that in the provisions of the 
Directive 2009/138 the concept of “specific provisions relating to a given compul- 
sory insurance” is explained by the contents of notifications made by the Member 
States introducing the insurance obligation. 

Article 179(2) letter (a) of the Directive 2009/138 does not contain any conflict of 
laws norm. In the same way, it does not belong to “provisions of Community law 
which, in relation to particular matters, lay down conflict-of-law rules relating to 
contractual obligations” in the understanding of Art. 23 Rome I. This does not mean, 
however, that the provision of the Directive is considered as a part of interpretation 
of the first sentence of Art. 7(4) letter (a). The concept of “specific provisions” in the 
understanding of the first sentence of Art. 7(4) letter (a) should be assigned auton- 
omous meaning. First, this is supported by the absence in Art. 7 of a norm referring 
to Art. 179(2) letter (a) of the Directive 2009/138 for the sake of clarifying of the 
term “specific provisions.” Second, the acceptance as authoritative for the clarifica- 
tion of the term “specific provisions” of the contents of notifications made by 
Member States under Art. 179(2) letter (a) of the Directive 2009/138 would contra- 
dict the idea of harmonization of private international law. The content of the 
notification is arbitrarily decided by each Member State. This may lead to an 
excessively wide definition of the range of “specific provisions,” e.g., by inclusion 
among them of general provisions on contractual obligations. Moreover, the con- 
tents of notification may be decided by such factors as legislative technique or 
tradition adhered to in the national legal system of a specific Member State. The 
sources of law on a given type of compulsory insurance may comprise either 
comprehensive regimes, including in the area of substantive law on the insurance 
contract, or rules referring to general legal provisions on the insurance contract or to 
the law of contractual obligations. 

The analysis of Art. 7(4) letter (a), first sentence, leads to the conclusion that 
“specific provisions” belong to the category of rules mandatorily applied in the 
conflict of laws sense, and not to the category of overriding mandatory provisions. 

The requirement of compliance by the parties to insurance contracts with “spe- 
cific provisions” of a given Member State relating to specific types of compulsory 
insurance points to the conclusion that the first sentence of Art. 7(4) letter 
(a) contains the requirement of applying “specific provisions” beside the law gener- 
ally applicable to the contract. This statement leads to the conclusion that the 
discussed provision contains the following conflict of laws norm: to insurance 
contracts in respect of which insurance obligation is introduced by the law of an 
EU Member State specific provisions of the Member State governing that compul- 
sory insurance shall apply. Further specification of the content of that conflict of laws 
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rule necessitates interpretation of the term “specific provisions.” The provision of 
Art. 7(4) letter (a), first sentence, allows, in my opinion, to make the two following 
conclusions in his regard. First, “specific provisions” may only be mandatory pro- 
visions (ius cogens). This follows from the fact that non-compliance with the 
“special provisions” under the first sentence of Art. 7(4) letter (a) gives rise to the 
consequence of non-compliance with the insurance obligation. Second, the formu- 
lation “the insurance contract shall not satisfy the obligation to take out insurance” 
suggests that “specific provisions relating to that insurance” are not all mandatory 
provisions governing a specific type of compulsory insurance but only such norms 
that form the contents of the statutory insurance obligation. Such provisions will be, 
e.g., norms on the minimum guarantee cover. Their application does not depend on 
whether they relate to two or more compulsory insurance types introduced in a given 
Member State. It is essential that “specific provisions” are rules forming the content 
of the statutory insurance obligation, which allows to narrow down the designation 
scope of the analyzed conflict of laws rule, characteristic of a conflict of laws rules 
designating mandatorily applied provisions in the conflict-of-law sense. At the same 
time, not every norm forming the content of the statutory insurance obligation will 
be recognized, under Art. 9, as overriding mandatory rule. 

It must be concluded that from the first sentence of Art. 7(4) letter (a) the 
following conflict of laws rule can be derived: to the insurance contract in respect 
of which the insurance obligation has been introduced in the law of a Member State 
of the EU, mandatory rules of that Member State shall apply specifying the content 
of the insurance obligation relating to that compulsory insurance (specific provi- 
sions). This norm is a complete norm. It applies mandatorily. It curtails the conse- 
quences of designation of the law generally applicable to the contract either by a 
conflict of laws rule on the choice of law or conflict of laws rule in the absence of 
choice of law. Its application does not depend on the comparison of the provisions of 
the law generally applicable to the contract with the specific legal provisions of the 
Member State introducing the insurance obligation. 

There are also other arguments against recognising the first sentence of Art. 7 
(4) letter (a) as overriding mandatory provision. First, if the legislator, when drafting 
Art. 7(4) letter (a), first sentence, had that category of norms in mind, the legislator 
would use the expression “overriding mandatory provisions” instead of the term 
“specific provisions.” Second, Art. 7(4) letter (a) refers both to “specific provisions” 
of the conflict-of-law lex fori and to “specific provisions” of a Member State other 
than the conflict-of-law lex fori. However, under Art. 9(3), overriding mandatory 
provisions of a Member State different from the conflict of laws lex fori are given 
effect only if in that Member State “the obligations arising out of the contract have to 
be or have been performed.” The place where the obligations arising out of the 
contract have to be or have been performed is not identifiable as regards the 
fulfilment of a public law obligation to conclude a compulsory insurance contract. "4° 
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The first sentence of Art. 7(4) letter (a) is supplemented by the second sentence of 
that provision. The disposition of that sentence contains the requirement to apply the 
“specific provisions” referred to in Art. 7(4) letter (a), first sentence, prior to the law 
of the Member State in which the risk is situated, designated as the relevant law 
under the applicable conflict of laws rules under Art. 7(3), first indent, letter lit. 
(a) (choice of law) or Art. 7(3), third indent (where the applicable law has not been 
chosen). Such conclusion assumes that Art. 7(4) letter (a), second sentence, shall not 
apply to situations when the legal provisions of the Member State introducing the 
obligation to insure and/or legal provisions of the Member State where the risk is 
situated are given effect as overriding mandatory provisions. "5° 

In the same way, Art. 7(4) letter (a), second sentence, contains a conflict of laws 
rule demarcating the application spheres of “specific provisions” of law of the 
Member State introducing the insurance obligation and the law of the Member 
State where the risk is situated, designated as the relevant law. This norm is not a 
conflict of laws rule of second degree, demarcating the areas of application of other 
conflict of laws rules under the Rome I Regulation. It does not provide that the 
conflict of laws rule designating as relevant the law of the Member State where the 
risk is situated shall not apply when another conflict of laws rule applies under which 
effect is given, beside the law relevant to the contract, to “specific provisions” on a 
given compulsory insurance of the country imposing the insurance obligation. The 
conflict of laws rule encapsulated in Art. 7(4) letter (a), second sentence, resolves 
only about the course of action when the provisions of law of the Member State 
where the risk is situated, as the generally applicable law, contradict the “specific 
provisions” relating to a given type of compulsory insurance of the Member State 
introducing the insurance obligation, by deciding that the latter norms shall prevail. 

A contradiction between the law of the Member State where the risk is situated 
and norms of the Member State introducing the insurance obligation comes into play 
only when the application of law of the Member State where the risk is situated and 
of the “special provisions” of the Member State imposing the obligation leads to 
different consequences.'*! 

It follows from the above considerations that the public law insurance obligation 
affects the problems of establishing the applicable law. 
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11 GDPR in Insurance and Private International Law 


Important changes in the insurance business were introduced by IDD'*? and 
GDPR.'® It seems that, in practice, application of IDD and GDPR may give rise 
to certain problems since both legislative acts seem to be based on different 
assumptions. In case of IDD, one of the most crucial elements is the obligation to 
identify the customer’s demands and needs. On the other hand, the Regulation 
requires that the least possible amount of personal data be collected to protect rights 
and freedoms of natural persons.'** 

Disputes concerning personal data breaches on international scale are complex. 
Despite the application of new, harmonized UE provisions on the protection of 
personal data (GDPR), the European Union has not filled the gap in the Rome II 
Regulation’? relating to the protection of privacy (Art. 1(2) letter (g)). GDPR 
contains only rules in the area of international civil procedure (Art. 79 and follow- 
ing). On the other hand, there is no complementary conflict of laws regime of 
liability for violating the terms of personal data protection. 

It is not an easy task to designate the law applicable to specific questions relating 
to personal data protection. Difficulties follow form the following reasons: (1) exter- 
ritorial applicability of GDPR (Art. 3 GDPR), wherein doubts relate both to the 
specification of the exterritoriality scope and its impact on the process of designating 
the applicable law; (2) mixed, public and private nature of GDPR provisions; (3) use 
in GDPR of new criteria (establishment, targeting of activities, monitoring of the 
behaviour of data subjects) in establishing the scope of GDPR’s application, which 
gives rise to a question about concurrence of such criteria with connectors (e.g., 
breaching party’s domicile, place of violation) found in conflict of laws rules on 
non-contractual liability; (4) introduction in GDPR of rules in the area of interna- 
tional civil procedure, especially on national jurisdiction, favourable to persons 
asserting claims against data controllers, which, in conjunction with a missing 
clear conflict of laws regime, increases the risk of forum shopping (manipulations 
of the applicable law) by data subjects (injured parties); (5) the abovementioned lack 
of harmonized conflict of laws rules for privacy commitments, whereby in case of 
Member States of the European Union, privacy commitments were expressly 
exempted from the scope of application of the Rome H Regulation; '~° this means 
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that depending on the body examining the case, different national law may apply 
(regarding matters not expressly regulated in GDPR, e.g., amount of compensation 
for violation of privacy);'°” (6) the need to assess which of GDPR’s provisions are 
mandatory overriding rules. 

There is no doubt that private international law aspects were seriously neglected 
in the works on GDPR.'** Emphasis was put on specifying GDPR’s exterritorial 
applicability (Art. 3). 

The basic conflict of laws rule under the Rome II Regulation is the principle of 
applying the law of the country in which the damage was sustained regardless of the 
country where the harmful event took place or the country or countries in which the 
event’s incidental consequences occurred (Art. 4(1)). Application of that rule in 
relation to GDPR violations should not raise any major doubts. Moreover, the Rome 
II Regulation contains additional supplementary rules. In the first place, the court 
should check if the parties made a valid choice of applicable law, according to the 
preconditions under Art. 14 of the Rome II Regulation. Also, that solution has 
advantages in case of claims for violating the rules on personal data protection. It 
accounts for party autonomy. In the lack of a valid choice of law, it must be checked 
if there are preconditions to applying rules on separately addressed torts/delicts (Art. 
5-9 of the Rome II Regulation). When the answer is negative, and it is so in case of 
violating the principles of personal data protection, it becomes legitimate to recourse 
to the general norms under Art. 4 of the Rome II Regulation, starting from the rule 
under (2) (applicability of the parties’ common personal law which, by the way, will 
be a solution consistent with the rules of jurisdiction under Art. 79 and following 
GDPR). Only in the absence of a common personal law, one should apply the basic 
norm under Art. 4(1) providing for applicability of the law of the country where the 
direct damage occurred. In both above situations, it is expedient that the court 
establishes if it is possible to correct the designation of law under Art. 4(3) of the 
Rome II regulation. pan 


12 Conclusions 


The purpose of the above considerations was to indicate the mutual interpenetration 
between EU provisions of public and corporate law, as well as the impact of national 
provisions of the same type on private international law. The meeting point between 
public and private insurance law is characterized by the fact that the traditional 
distinction between private law norms (as law protecting predominantly the private 
interests of individuals—parties to civil law relationships) and public law norms 
(as law of the state protecting common interests), originating from nineteenth 
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century liberalism, becomes increasingly problematic. Public law regimes increas- 
ingly often penetrate the areas of legal insurance relationships previously considered 
an exclusive domain of private law.’ In doing so, they are intended both to protect 
general interests (social and economic or political)'®! and to protect “private” 
interests. Among others, this refers to: antitrust, administrative sanctions, insurance 
supervision, information duties, '©* supervision of insurance activities through public 
law, protection of insured in group insurance,'®* artificial intelligence in insurance, 
tules specifying the criteria of admission to specific professions (brokers, agents, 
insurance distributors).'©* At the same time, there is a growing awareness that those 
areas (as, for example: contractual relationships, delicts (torts)) have a “public” 
significance. Private law, more and more clearly, also realizes “public” interests 
because norms protecting “private” interests are also relevant to the social or 
economic organization of the state." At this point, one should point especially to 
the rules protecting “weaker” parties to civil law relationships, both in contractual 
and other relations (delictual tortious).!°” This is the case since private law also 
fulfils “public” functions—by provisions forcing the parties of civil law transactions 
to also consider cross-community or general economic interests. As a result, it 
becomes increasingly difficult to clearly set a demarcation line between public and 
private interests and, in the same way, between public and private law tules,'°* 
especially that legislators relatively rarely invoke that distinction expressly and do 
not introduce its clear criteria. "6° 

It must be noted that the division between public and private law provisions, 
fading in certain legal systems, retains its importance in the context of international 
relationships. Whereas in purely “national” relationships, the generally formal 
qualification of a legal norm is irrelevant to the establishment of its preconditions, 
in international relations the problem of a norm’s nature becomes of utmost impor- 
tance. Derogation of mandatory private law rules of a legal system connected with a 
given relationship is, one way or another, effected through conflict of laws choice of 
law or objective designation of the applicable law according to the criterion applied 
by the judge of the forum.'’° However, such result does not have to be the case in 
regard to public law norms. This follows from a different “level” of public interest 
reflected in private law norms and public law norms. Therefore, a public law norm 
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may “force” its application, regardless of the law governing the legal relationship. It 
was assumed that norms protecting public policy have a territorial effect. 7"! A 
similar consequence attaches to the observation that a given public law rule has an 
“overriding” nature if its application involves a criminal or administrative sanction, 
which is always strictly “territorial.” 

Moreover, insurance contact law is harmonized to a certain degree by directives 
on consumer contract law covering consumer insurances. Mention is to be made of 
Directive 2002/65/EC (Distance Marketing of Financial Services)! °? and Council 
Directive 93/13/EEC (Unfair Contract Terms). 174 Council Directive 93/13/EEC (see 
article 4 para. 2), Directive (EU) 2016/97 of the European Parliament and of the 
Council of 20 January 2016 on insurance distribution provide EU minimum stan- 
dards of client protection and allow Member States to adopt more protective 
measures. Other directives outside the scope of client protection, such as the 
Directive 2000/3 1/EC (Electronic Commerce), "5 Directive 2011/7/EU (Late Pay- 
ment)'’° and Directive 2004/113/EC (Gender Equality)'’’ also have an impact on 
insurance contract law. The provisions of these directives often have mixture 
nature—public and private. 

As opposed to Art. 7 Rome I, in EU legislation the insurance customer is 
considered a protected party under sectoral directives and regulations. 2016/97 
IDD is inconsistent in the specification of the group of parties covered by the 
protective regime. In Recital (3), the party indicated as protected is the customer, 
whereas Recital (10) uses interchangeably the terms ‘consumer’ and ‘customer:’ 
“Current and recent financial turbulence has underlined the importance of ensuring 
effective consumer protection across all financial sectors. It is appropriate, therefore, 
to strengthen the confidence of customers and to make regulatory treatment of the 
distribution of insurance products more uniform in order to ensure an adequate level 
of customer protection across the Union.” However, the Directive does not contain 
any legal definitions of those terms. 
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Since insurance contracts may have an investment element, one should also 
address the concept of investor. The legal definition of retail investor was included 
in Regulation 1286/2014'7* (hereinafter PRIIP), whereby that legislative act refers to 
legal definitions of clients as provided in other directives, depending on whose 
clients they are and what kind of services (goods) they buy, i.e., whether that is a 
packaged retail or insurance-based investment product. Under Art. 4 item 6, “retail 
investor” means: 


e aretail client as defined in point (11) of Article 4 (1) of Directive 2014/65/EU 

e a customer within the meaning of Directive 2002/92/EC, where that customer 
would not qualify as a professional client as defined in point (10) of Article 4 
(1) of Directive 2014/65/EU 


At the time being, consistency is missing, both of the EU and national legislators, 
in the specification of the subject of public law protection. In the provisions on the 
insurance market, the EU legislator does not introduce the customer’s legal defini- 
tion although that term is used, which is a serious shortcoming and gives rise to 
interpretative doubts about the scope of protective measures. In Regulation 1094/ 
2010,7? the terms customer and consumer can be found; also, IDD contains both 
terms and only once uses the concept of professional or retail customer (Art. 30 
(6) item (c)). 

An exception in this regard is the PRIIP Regulation devoted to a narrow aspect of 
insurance activities—insurance contracts with an investment element. For that 
reason, the Regulation contains a legal definition of retail investor, meaning a 
“customer within the meaning of Directive 2002/92/EC (currently Directive 2016/ 
97), where that customer would not qualify as a professional client as defined in 
point (10) of Article 4(1) of Directive 2014/65/EU.” 18° 

Bearing in mind the indicated terminological differences, the existing legislative 
framework needs straightening. It seems legitimate to introduce, for the EU legisla- 
tion concerning the entire financial market, a uniform customer definition, introduc- 
ing a dichotomous division between professional and non-professional customers. 
This is especially substantiated by the existence of so-called hybrid products, 
covering services of different financial market sectors and the related systemic threat. 
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On legal relationships which are especially “susceptible” to public law regimes, 
the delimitation of the spheres of influence between private and public law is—in the 
opinion of certain authors—becoming groundless. '*! At the same time, it is argued 
that nowadays the distinction between private and public law is still of great 
importance'**—especially for the law applied in practice—because of the need to 
demarcate between the spheres of application (among others, with a view to the 
competences of appropriate authorities) of rules belonging to the former or the latter 
branch of the legal system. '** When considering this issue, it should be noted, in the 
first place, that the distinction between private and public law norms is not conse- 
quently followed in all legal systems, and the sense of introducing such division is 
often put into question. %4 It must be noted that the differentiation between public 
and private law provisions, although blurred in certain legal systems, retains its 
validity in reference to international relationships. While in purely “national” legal 
relationships the formal qualification of a legal norm is generally irrelevant to the 
establishment of preconditions to its application, in international relations the ques- 
tion of the norm’s nature assumes greater significance. Derogation from mandatory 
private law provisions forming a part of the legal system connected with a given 
relationship is, one way or another, effected by conflict of laws designation of law or 
by objective designation of the applicable law according to the criterion applied by 
the judge of the forum.'** However, such consequence does not have to be the case 
with regard to public law norms. This follows from a different “level” of public 
interest reflected in private and public law norms. As a result, a public law norm may 
“force” its application regardless of the law governing the legal relationship. There- 
fore, it was assumed that norms protecting the public policy have a territorial 
effect. '*° 

Nowadays, the most popular criterion is that of interest (public/private) realized 
through the norm, however, even this criterion is criticized, !87 for example, because 
the demarcation between such interests—as mentioned above—is sometimes diffi- 
cult.'®® Besides, more importantly, even if it were possible to distinguish public law 
provisions on that basis, all of them are a manifestation of certain “common” 
interests and are intended to protect such interests. The criterion of “interests,” in 
reference to “overriding” mandatory rules of private or public law, implies drawing 
attention to the purposes realized by the state through specific legal regimes. 
Consequently, this refers to provisions which are so important to ensure consistence 


181 See, e.g., Harlow (1980), p. 241 et seq. 


'82Tts importance even grew in places where it had not been recognized before, see Jurgens and van 
Ommeren (2012), p. 172 et seq. 


183 See Szczepaniak (2015), p. 13. 

184 Szczepaniak (2015), p. 6. 

185 See, e.g., Philip (1982), p. 92; von Biberstein (1981), p. 96. 
186 See, e.g., von Hoffmann and Thorn (2007), p. 55. 

187 Maier (1982), p. 289; Lowenfeld (1979), p. 335. 

'88 See, e.g., Kominos (2002), p. 477 et seq. 


356 M. Fras 


of the state organization that they must apply, regardless of the law governing the 
given legal relationship under “ordinary” conflict of laws rules. Therefore, not every 
purpose of a “mandatory” provision (including public law rules) necessitates its 
“overriding” application. This refers to special purposes, of great political, social, 
economic, or moral significance, that is, purposes which are also protected by public 
order clauses. In this connection, it is pointed out that it is useful to consider, in the 
process of establishing “importance” of a given provision, such purposes (values) 
that may be considered an expression of the principles of international public policy. 
Therefore, attribution to any specific rule of the “overriding” mandatory nature is a 
consequence of concluding that the values realized by the provision reflect the 
principles of transnational ordre public or of the European public policy.'*? Such 
solution was adopted in Art. 9(1) of the Rome I Regulation p 
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